We recognize and thank security researchers who help keep the BizKitHub platform secure through responsible disclosure of security vulnerabilities.
We appreciate the security community's efforts to keep our platform safe. If you discover a security vulnerability, please report it responsibly through our security contact.
Report vulnerabilities privately before public disclosure
Do not access, modify, or delete user data
Report findings as soon as possible after discovery
Conduct security research in good faith and within legal boundaries
Email: jan@barasek.com
Subject: [SECURITY] Vulnerability Report
For sensitive reports, use our PGP key for encryption
| Researcher | Date | Severity | Description | Status | Reward |
|---|---|---|---|---|---|
| Security Researcher | 15. 12. 2024 | Medium | Reported potential XSS vulnerability in user input validation | Fixed | Recognition |
| Anonymous Researcher | 28. 11. 2024 | Low | Information disclosure in error messages | Fixed | Recognition |
| Ethical Hacker | 12. 10. 2024 | High | Authentication bypass in legacy API endpoint | Fixed | Recognition + Bounty |
We acknowledge receipt within 24 hours
Initial assessment within 72 hours
Fix deployed based on severity
Public acknowledgment (if desired)
Please do not test vulnerabilities on production systems. Contact us first to discuss safe testing environments if needed.
We will not pursue legal action against researchers who follow responsible disclosure guidelines and act in good faith.
We appreciate responsible disclosure of security vulnerabilities. Please contact our security team for any security-related concerns.