Responsible Disclosure Policy
Thank you for helping to keep ChildBazaar safe and secure. We appreciate the efforts of security researchers and members of the community in identifying and responsibly disclosing potential vulnerabilities in our systems.
Reporting Security Vulnerabilities
If you believe you have discovered a security vulnerability in any of our systems, we encourage you to report it to us in accordance with this Responsible Disclosure Policy. We welcome your assistance in helping us maintain the highest level of security for our users.
Guidelines for Responsible Disclosure
Scope: This policy covers all systems, services, applications, and websites owned and operated by ChildBazaar.
Eligibility: We welcome and encourage responsible disclosure from all security researchers and community members. However, please do not attempt to exploit any potential vulnerabilities you discover.
Legal Safe Harbor: We will not take legal action against individuals who discover and report security vulnerabilities responsibly. We consider this activity as contributing to the security of our systems.
What to Include: When reporting a vulnerability, please provide sufficient information to allow our team to understand and reproduce the issue. This includes a detailed description of the vulnerability, the steps to reproduce it, and any supporting material such as screenshots or proof-of-concept code.
Exclusions: The following activities are not considered as part of responsible disclosure and are strictly prohibited:
- Any attempt to compromise the privacy or data of our users.
- Any attempt to interfere with the availability of our services.
- Any social engineering attacks.
Response: We will make best efforts to respond to your report in a timely manner. We appreciate your patience and cooperation during the investigation and resolution process.
How to Report
Please submit your findings by email to security@ChildBazaar.in. Include "Security Vulnerability Report" in the subject line. We encourage you to use encryption when sending sensitive information.
Recognition
As a token of our appreciation for responsible disclosure, we may provide recognition on our website or other public forums, subject to the researcher's preference.
Changes to the Policy
We reserve the right to update or modify this Responsible Disclosure Policy at any time without prior notice. Any changes will be effective immediately upon posting on our website.
Thank you for helping us ensure the security of ChildBazaar. We value your commitment to responsible disclosure.