Introduction
Welcome to the Senbee Bug Bounty Program. Our program is designed to reward security researchers for identifying vulnerabilities in our systems and applications. We appreciate your efforts in helping us maintain the highest standards of security.
The Bug Bounty Program is open to anyone who adheres to the program rules and submits valid vulnerability reports.
Scope
The following types of vulnerabilities are considered in scope for the Bug Bounty Program:
- Remote Code Execution
- SQL Injection
- Cross-Site Scripting (XSS)
- Authentication Bypasses
- Privilege Escalation
- Other severe vulnerabilities
Out of Scope
The following types of vulnerabilities are considered out of scope for the Bug Bounty Program:
- Denial of Service attacks
- Social Engineering
- Physical attacks
- Spamming
- Clickjacking on pages with no sensitive actions
- Content spoofing and text injection
Rewards & Rules
Rewards are determined based on the severity of the vulnerability reported. Higher severity vulnerabilities typically receive higher rewards. Rewards range from β¬100 to β¬10,000.
- Respect user privacy and data.
- Do not exploit any vulnerability beyond testing and reporting it.
- Provide clear and detailed reports, including steps to reproduce the vulnerability.
- Do not publicly disclose the vulnerability before it has been resolved.
- Follow all relevant laws.
Submission Process
To submit a vulnerability report, please send an email to bugbounty@senbee.com with the following details:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Your contact information
By participating in the Bug Bounty Program, you agree to comply with all applicable laws and regulations. senbee.com reserves the right to modify or cancel the program at any time without notice.
