API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 19th, 2018
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.11 KB | None | 0 0
raw download clone embed print report
  1. Policy
  2. Security Stance
  3. Security and transparency are top priorities at Chaturbate. Networks are dynamic. The technology, users, data in the systems, risks, and security requirements are ever-changing. Chaturbate knows that security is never perfect and can never be taken for granted. People will discover new ways to intentionally or unintentionally bypass or subvert security.
  4.  
  5. Time can expose new vulnerabilities, and the most effective way to counteract these vulnerabilities is to become aware of them quickly and to fix them immediately with rewards for you.
  6.  
  7. Reporting Guidelines
  8. Submitting clear, detailed reports is highly encouraged. Each report should explain one vulnerability in detail, identify its impact, and most importantly include steps or a "proof of concept" instructions to reproduce the issue.
  9.  
  10. Very low-quality reports, such as those which only contain automated output, will be rejected.
  11.  
  12. Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.
  13. Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
  14. Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of service.
  15. Only interact with accounts you own or with explicit permission of the account holder.
  16. Include attachments such as screenshots or proof of concept code as necessary.
  17. Disclose the vulnerability report directly and exclusively to us.
  18. Rewards
  19. Please see our reward table above.
  20.  
  21. To qualify for a reward under this program, you should be the first to report the vulnerability.
  22.  
  23. Scope
  24. At this time, the scope of this program is limited to security vulnerabilities found on Chaturbate and its supporting services. Vulnerabilities reported for other properties may be considered on a case-by-case basis.
  25.  
  26. Exclusions
  27. While researching, refrain from:
  28.  
  29. Interfering with other users of the site
  30. Denial of service
  31. Spamming
  32. Social engineering (including phishing) of staff or contractors
  33. Any physical attempts against property or data centers
  34. Scripting or other automation and brute forcing of intended functionality
  35. The following reports do not qualify
  36. Reports against other sites, such as "stream ripping" or "stream capping" sites
  37. Reports that involve manipulating the room user count
  38. Bugs requiring exceedingly unlikely user interaction
  39. HttpOnly and Secure cookie flags
  40. Reports of software version disclosure
  41. Reporting vulnerabilities that are deemed as accepted risks
  42. Bugs that don’t affect the latest version of modern browsers, or browser extensions.
  43. Safe Harbor
  44. Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
  45.  
  46. Thank you for helping keep Chaturbate and our users safe!
  47.  
  48. View changesNotify me of changesLast updated on July 18, 2018.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!