The Bug Bounty Program is a reward payment program for detecting security problems in services and applications.

Short.cm has launched a program to search for vulnerabilities and bugs. The program will help to make our service safer, better and more functional, as well as the participants pleased with rewards. Short.cm takes care of every customer. We are responsible for keeping personal information secure, so it is stored according to strict privacy guidelines and requirements.

We believe that we can become even better, so we are happy to announce the launch of the bug bounty program!

The description of the program

The bug must meet some requirements to participate in the bug bounty program:

  1. Give access to other people's private data.
  2. Allow you to take actions on behalf of other customers.
  3. Seriously affect service stability.

An example of a valid security issue:

  1. Under some conditions, I can see the full link list of another person.

An example of an invalid issue:

  1. If a user leaves his laptop unattended, I can change his password on Short.cm.

When you notice an appropriate bug, you must send a report through email or chat support. The report has to contain:

  • A detailed description of the found vulnerability.
  • A detailed description of the steps to reproduce the discovered bug or a working confirmation of its presence (Proof-of-Concept).

After that, we study and evaluate the information you sent. We'll inform you about the results as soon as possible.

You can tell us about any types of bugs. We will always find time and resources to review them and thank you for your searches.


What did you learn?

  • security bug bounty program;
  • bug bounty;
  • shortcm and rewards for bugs;
  • short links;

Read also: