SaleshandySalesHandy takes the security of its systems seriously and values the security community. The responsible disclosure of security vulnerabilities helps SalesHandy in ensuring the security and privacy of its users.
We ask that you do not share or publicize an unresolved vulnerability with/to third parties. If you submit a vulnerability report, the SalesHandy security team and associated development teams will use reasonable efforts to investigate all legitimate reports and do our best to quickly fix the problem.
When conducting security testing, make sure not to violate our privacy policies, modify/delete unauthenticated user data, disrupt production servers, or to degrade the user experience.
SalesHandy product scope limits to,
All bugs that are reported are qualified based on its impact on customer’s production data. We will consider other security vulnerabilities if it is making an impact and exploitable with a working non-intrusive POC.
If you believe you’ve found a security vulnerability in SalesHandy then please send it to us by emailing [email protected]. Please include the following details with your report: Description of the location and potential impact of the vulnerability; A detailed description of the steps required to reproduce the vulnerability (POC scripts, screenshots, and compressed screen captures are all helpful to us);
At SalesHandy, we use our Hall of Fame program to recognize people who have responsibly shared one or more security vulnerabilities, enabling us to serve our customers better.
