Socialveins Vulnerability Disclosure Policy

Hey hackers!

Welcome to Socialveins Bug Bounty Program. We take security seriously at Socialveins and we're committed to protecting our community. If you believe you have found a security vulnerability within our scope (Website), do responsibly disclose it onto this platform.

Please submit a detailed description of the issue to us, along with the steps to reproduce it. We trust the security community to make every effort to protect our users' data and privacy.

Disclosure Policy

• Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.

• Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third party.

• Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with the explicit permission of the account holder.

In-Scope

The scope of issues is limited to technical vulnerabilities in the Socialveins Website. Please do not attempt to compromise the safety or privacy of our users (so please use test accounts), or the availability of Socialveins through DoS attacks, spam or editing any data. We also request you not to use vulnerability testing tools that generate a significant volume of traffic.

In-Scope Assets:

• https://app.socialveins.com
• https://api.sociaveins.com

Language Frameworks: Javascript, React.js, MongoDB & Node.js

Asset Environment: AWS, Netlify, Azure

Out of Scope

• Subdomains of our website (unless mentioned in the "in-scope" section)