Responsible Disclosure of Security Vulnerabilities

At Jobs Up 4 Bid, we do our absolute best to ensure that our website is as secure as possible. Keeping up with the latest in web security can be a daunting task and new vulnerabilities can appear in new and old products. Freelancer has an amazing community of very skilled users, particularly amongst the highly technical freelancers. We encourage users who find security vulnerabilities to report them to us as soon as possible.

Please submit vulnerabilities to:

security-reporting@Jobsup4bid.com

             

Only security related submissions will be considered. If you wish to encrypt your submission please use the following PGP key.
If you require site-related support please visit the support page.


Do not engage in malicious activity

Examples include denial of service, viewing another user's private data or modifying data without authorization.

overview

Guidelines

Jobs Up 4 Bid recognizes the importance of researchers who contribute to the security of our website. To encourage bug and vulnerability reports, we will commit to not bringing private action nor public inquiry against researchers who follow these guidelines such that the vulnerability:                          

  • is reported to Jobsup4bid.com via the above email as soon as possible                            
  • is not published elsewhere                           
  • exists on a domain owned by Jobs up 4 bid(e.g. *. Jobsup4bid.com,                           
  • is verifiable by the security team                

Please include the following information in your submission                          

  • a proof-of-concept or demonstration of the vulnerability                            
  • detailed instructions on how to reproduce the vulnerability                            
  • an e-mail address we can contact you at

  •                        

Recognition

Vulnerabilities that are deemed especially worthy by the security team may be rewarded in the following ways:                          

  • a name or company of the researcher's choosing published on the Security Hall Of Fame
  •                             
  • a special White Hat badge (shown below) awarded to the researcher's Jobsup4bid.com account

  •                        

overview