Effective starting: October 1, 2021
PRIZ Guru understands that the protection of customer data is a significant responsibility and requires our highest priority. We, therefore, take the security of our systems extremely seriously, and we genuinely value the assistance of security researchers and others in the security community to assist in keeping our systems secure. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of all our users.
There are a few guiding principles that we would really appreciate researchers adhering to:
We require that all researchers:
If you follow these guidelines when reporting an issue to us, we commit to:
Any services hosted by third-party providers and services are excluded from the scope. These services include:
In the interest of the safety of our users, staff, the Internet at large, and you as a security researcher, the following test types are excluded from scope:
Web application vulnerabilities such as XSS, XXE, CSRF, SQLi, Local or Remote File Inclusion, authentication issues, remote code execution, and authorization issues, privilege escalation, and clickjacking. The vulnerability must be in one of the services named in the Scope section above. You must be the first researcher to responsibly disclose the vulnerability and you must follow the responsible disclosure principles set out in this policy, which include giving us a reasonable amount of time to address the vulnerability. A reasonable amount of time will be agreed upon with you following the disclosure of the vulnerability.
Each submission will be evaluated on a case-by-case basis, here is a list of some of the issues which don’t qualify as security vulnerabilities
If you believe you’ve found a security vulnerability in one of our products or platforms please report it by emailing our security team. Please include the following details with your report:
PRIZ Guru would like to publicly convey our deepest gratitude to the following security researchers for responsibly disclosing vulnerabilities and working with us to remediate them. Your legendary efforts are truly appreciated by PRIZ Guru team.