Responsible Disclosure Policy
At eu4ua, the security of refugees, hosts and volunteers data is our priority. The purpose of this page (the “Responsible Disclosure Policy”) is to provide you with all the information you need if you have discovered a potential vulnerability in any of our products or services.
We really appreciate the help of our community and to make sure that any disclosures are made responsibly. Please ensure you follow the terms below:
You can submit issues to email@example.com and please include the following information:
- affected URL or IP address
- a description of the issue including a list of steps to reproduce the issue
- the period of time during which you were able to observe the issue
As we are an association, please note that we do not offer a bug bounty program. This means that we do not pay rewards for disclosed security vulnerabilities.
Scope includes all assets behind eu4ua.org expect those related to 3rd parties.
WHAT WE ASK OF YOU
- When searching for potential weaknesses on our system, please make sure you setup the following header. That way it will help us to discriminate your testings from a malicious actor.