Kommunicate encourages researchers and bounty hunters to report security issues responsibly and
ethically and recognizes them for their efforts on its Hall of Fame page.
How to report?
Kindly submit any observations or reports to our designated email address for security concerns,
We do not provide any monetary rewards as of now. We would love to appreciate your effort by mentioning
your name and profile on our Hall of fame page.
Please note that our internal team, as well as other researchers, have reported some known issues. Any
similar issue reported, will not be eligible for bounty.
The following are not eligible for bounties:
- Previous email login links validation/expiration & Email flooding
- Exploitation based on future login predictions, etc.
- Denial of Service (DOS) and rate limiting issues - including emails
- Enumeration or information disclosure of non-sensitive information
- Any validation without exploitable proof of concept
- Vulnerabilities in third-party components, depending on severity and exploitability
- Security headers issues for public-facing APIs or are not directly leading to any vulnerability