Skip to content

Report Security Vulnerabilities in reNgine

huntr

Introduction

Security Researchers, welcome onboard! I am excited to announce bug bounty program for reNgine in collaboration with huntr.dev, this means you'll be rewarded for any security vulnerabilities discovered in reNgine.

Thank you for your interest in reporting vulnerabilities to reNgine! If you are aware of potential security vulnerabilities within reNgine, we encourage you to report immediately via huntr.dev

Danger

Please do not disclose any vulnerabilities via Github Issues/Blogs/Tweets after/before reporting on huntr.dev as it is explicitly against huntr.dev and reNgine disclosure policy and will not be eligible for monetary rewards.

Please note that the maintainer of reNgine does not determine the bounty amount. The bounty reward is determined by industry-first equation from huntr.dev to understand the popularity, impact and value of repositories to the open source community.

Expectation from Security Researchers

  • Patience: Please note that currently I am the only maintainer in reNgine and will take sometime to validate your report. I request your patience throughout the process.
  • Respect Privacy and Security Reports: Please do not disclose any vulnerabilities in public (this also includes github issues) before or after reporting on huntr.dev! That is against the disclosure policy and will not be eligible for monetary rewards.
  • Respect the rules

What do Security Researchers get in return

  • Much thanks from Maintainer
  • Monetary Rewards
  • CVE ID(s)

Please find the FAQ and Responsible disclosure policy from huntr.dev.

How do I report?

You can report the security vulnerabilities from here.