Our Commitment to Security
At bxss.io, we take the security of our systems and our users' data very seriously. We value the role of the security community in helping us maintain a safe platform. If you believe you have discovered a vulnerability in our application, infrastructure, or services, we strongly encourage you to report it to us as quickly as possible.
Reporting a Vulnerability
If you have found a security vulnerability, please do not disclose it publicly until we have had a chance to fix it. Instead, please report the vulnerability to our security team by emailing us at:
When reporting a vulnerability, please include as much information as possible to help us reproduce and address the issue:
- A detailed description of the vulnerability and its potential impact
- Steps to reproduce the vulnerability (including any specific payloads or tools used)
- The affected URLs, endpoints, or components
- Any relevant screenshots or video recordings demonstrating the issue
- Your contact information for further communication
Guidelines and Rules
To protect our users and infrastructure, we request that you adhere to the following rules:
- Do not exploit a vulnerability further than necessary to establish its existence.
- Do not attempt to access, modify, or delete data belonging to other users.
- Do not degrade or disrupt the performance of our services (e.g., DoS/DDoS attacks).
- Do not use automated scanners or tools that generate significant traffic.
- Do not perform social engineering, phishing, or physical attacks against our maintainers or users.
Our Response Process
When we receive a vulnerability report, we will:
- Acknowledge receipt of your report within a timely manner.
- Investigate the issue and confirm its existence.
- Work diligently to mitigate and resolve the vulnerability.
- Keep you updated on our progress throughout the process.