submit bug report:https://www.olacabs.comPolicy
We request you not to do any public disclosure of a bug before it has been fixed.
Please understand that due to high number of submissions, it might take a bit of time in order to fix the vulnerability reported by you. Therefore, give us reasonable amount time to respond to you before you go public.
Share the security issue in detail. At times, we might ask for more information (if required).
Please do not access to another user’s account or data without permission.
Please be respectful with our existing applications, and we request you not to run test-cases which might disrupt our services.
Do not use scanners or automated tools to find vulnerabilities. They’re noisy and might result in suspension of your user account / IP Address.
We also request you not to attempt attacks such as social engineering, phishing. These kind of bugs will not be considered as valid ones, and if caught, might result in suspension of your account.
Vulnerabilities made public before the fix are not eligible for bounty reward
Policy:
https://www.olacabs.com/whitehat
