Help Us Keep Our Community Safe.
Our Vulnerability Disclosure Program is a partnership with the security community. We invite you to help us identify and resolve potential security issues.
Security is at Our Core.
At Kuanzhai, protecting our customers' data is a top priority. We value the work of independent security researchers and believe that a collaborative approach is essential to maintaining a secure environment.
Program Scope
In Scope
Vulnerabilities found on kuanzhai.co.uk and our official mobile applications. This includes issues like cross-site scripting (XSS), SQL injection, and server-side request forgery (SSRF).
Out of Scope
Reports from automated scanners, social engineering attacks, physical security issues, and denial-of-service (DoS/DDoS) attacks are not in scope for this program.
How to Submit a Report.
To ensure your submission is clear and actionable, please provide a detailed report including a description of the vulnerability, steps to reproduce it, and any proof-of-concept code.
What to Expect After Your Submission?
Acknowledgement
We will acknowledge receipt of your report within 2 business days.
Triage & Validation
Our security team will validate the vulnerability and determine its severity (Critical, High, Medium, Low).
Remediation
We will work diligently to develop and deploy a fix for the issue.
Resolution & Recognition
Once resolved, we will notify you and, with your permission, add you to our Hall of Fame.
