Although our team of tech experts have made every effort to mitigate all the bugs in our systems, Cogoport invites you guys to DON the researcher’s lab coat and explore our website for any such undesirable elements ruining your and other visitors’ user experience.
If you discover a bug while exploring the website and our platform/dashboard, we appreciate your cooperation in responsibly reporting it to us so that we can address it as soon as possible. For both Security and non-security related bugs/vulnerabilities, we offer reward and recognitions (see below).
Please note that only genuine findings/issues are eligible for rewards.
To participate in Cogoport's bug bounty program, you need to follow the following guidelines:
You must not proceed further if you find a severe vulnerability that allows system access.
Disclosing bugs to a party other than Cogoport is forbidden. All bug reports are to remain at the reporter (you) and Cogoport's discretion.
Exploiting/threatening or mis-using any kind of information will automatically disqualify you from participating in the program.
For reporting any system vulnerability/issues/bugs, please investigate and report in a way that makes a reasonable, good faith effort not to be disruptive or harmful to us or our users. Otherwise your actions might be interpreted as an attack rather than an effort to be helpful.
Generally speaking, any bug that poses a significant issue/ vulnerability could be eligible for reward. But it's entirely at our discretion to decide whether a bug is significant enough to be eligible for a reward.
If you are the first to alert us about an issue/bug and it leads us to make a change, we will pay you a reward based on the criticality of the issue reported.
To report any issue/bug/vulnerability you need to be registered with Cogoport.
Things that are not eligible for reward include:
Bugs that have not been responsibly investigated and reported.
Bugs already known to us, or already reported by someone else (reward goes to first reporter).
Issues that aren't reproducible.
Issues that we can't reasonably be expected to do anything about.
Some of the scope of work are listed below. (These are just few examples that can act as guidelines)