To keep user data safe and ensure privacy is protected, XUND Solutions GmbH is looking forward to working with the security community to help identify vulnerabilities. If you’re a security researcher or ethical hacker and you’ve found a vulnerability in our products, please let us know by using the VDP form linked below.
When researching our systems, always act in good faith. You must use discovered vulnerabilities only for your own investigation. Keep the discovered vulnerability confidential until you have agreed upon when and how to disclose the vulnerability with XUND. We do not allow you to do security research on our systems and (online) applications that would materially adversely impact the performance or availability.
Please be advised, that currently, we do not offer any form of bounty for any findings. We are not planning on implementing a public bounty system anytime soon.
We would like to point out that this responsible disclosure policy is governed by Austrian law. If you are located in a different country, keep the applicable local law in mind, as other countries may have different laws regarding responsible disclosure. This could mean that you will be subject to local legal recourse or may be subject to agencies enforcing such different local law, even if XUND does not seek legal recourse or file a report at a law enforcement agency.
Write your report with a clear explanation and don’t forget to upload your Proof-of-Concept.
Hackrate supports markdown syntax. You can use it to add formatting elements to your report.
Easily find a specific attack pattern by performing a search of the CAPEC List by keywords(s) or by CAPEC-ID Number. To search by multiple keywords, separate each by a space.
Enter your email to receive updates on the status of your submission. (optional)
You can easily upload pictures, videos and text files up to 150 Megabytes.
By clicking 'Submit', you agree to Hackrate's Terms and Conditions and Privacy Policy.
Powered by