Submit bug report: http://kadince.com@kadinceco
Vulnerability Reporting Policy
The Kadince security team acknowledges the valuable role that independent security researchers play in Internet security. Keeping our customers’ data secure is our number-one priority, and we encourage responsible reporting of any vulnerability that may be found in our site or application. Kadince is committed to working with the security community to verify and respond to any potential vulnerability that is reported to us.
Reporting a Potential Security Vulnerability
Privately share details of the suspected vulnerability with Kadince by sending an email to security@kadince.com
Provide full details of the suspected vulnerability so the Kadince security team may validate and reproduce the issue
Kadince Does Not Permit the Following Types of Security Research:
Causing, or attempting to cause, a Denial of Service (DoS) condition
Accessing, or attempting to access, data or information that does not belong to you
Destroying or corrupting, or attempting to destroy or corrupt, data or information that does not belong to you
The Kadince Security Team Commitment
To all security researchers who follow this Kadince Vulnerability Reporting Policy, the Kadince security team commits to the following:
To respond in a timely manner, acknowledging receipt of your report
To provide an estimated time frame for addressing the vulnerability
To notify the reporting individual when the vulnerability has been fixed
No Compensation
Kadince does not compensate people for reporting security vulnerability, and any requests for such compensation will be considered a violation of the conditions above. In such an event, Kadince reserves all of its legal rights.
Policy:
http://www.kadince.com/legal/security_policy
