File: /var/www/quadcode/frontend/src/vulnerability-disclosure-policy.html
<!DOCTYPE html>
<html lang="en">
<head>
<base href="/" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta content="true" name="HandheldFriendly" />
<meta content="width" name="MobileOptimized" />
<meta content="yes" name="apple-mobile-web-app-capable" />
<title>Quadcode - Vulnerability Disclosure Policy</title>
<link
href="https://fonts.cdnfonts.com/css/proxima-nova-2"
rel="stylesheet"
/>
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<link
href="https://fonts.googleapis.com/css2?family=Russo+One&display=swap"
rel="stylesheet"
/>
<!-- STAR FAVICON -->
<link
rel="shortcut icon"
type="image/x-icon"
href="./assets/static/favicon.ico"
/>
<!-- END FAVICON -->
<meta name="description" content="" />
<% if (process.env.APP_ENV === 'production') { %> <%=
require('html-loader!./html/_gtm.html').default %> <% } %>
</head>
<style>
.skip-animation * {
transition-duration: 0ms !important;
}
</style>
<script src="https://code.createjs.com/1.0.0/createjs.min.js"></script>
<body class="skip-animation js-history-animation">
<%= require('html-loader!./html/_gtmBody.html').default %>
<script>
const skip = document.querySelector(".skip-animation");
skip.classList.remove("skip-animation");
</script>
<div id="root">
<!-- START PRELOADER -->
<%= require('html-loader!./html/_preloader.html').default %>
<!-- END PRELOADER -->
<!-- START HEADER -->
<%= require('html-loader!./html/header.html').default %>
<!-- END HEADER -->
<div class="terms-conditions">
<div class="container">
<div class="terms-conditions__title titleM">
<h1>Vulnerability Disclosure Policy (VDP)</h1>
</div>
<div class="terms-conditions__term">
<p>
At <strong>Quadcode</strong>, we prioritize the security of our
systems, data, and users. We appreciate the efforts of security
researchers in identifying potential vulnerabilities and helping
us improve our security posture.
</p>
<p>
Our official <strong>Vulnerability Disclosure Policy</strong> is
hosted on Intigriti, a trusted bug bounty platform that ensures a
structured and efficient process for reporting security
vulnerabilities.
</p>
<p>
We kindly request that all security reports be submitted through
our <strong>Intigriti program</strong>, where they will be
promptly reviewed and handled by our security team.
</p>
</div>
<div class="terms-conditions__term">
<h2>How to Report a Security Vulnerability</h2>
<p>
If you have discovered a security vulnerability affecting our
systems, please follow these steps:
</p>
<ol>
<li>
<p>
Visit our official Vulnerability Disclosure Program (VDP) on
Intigriti.
<a
href="https://app.intigriti.com/programs/quadcode/qcvdp"
target="_blank"
>Submit a report here.</a
>
</p>
</li>
<li>
<p>
<strong>Carefully review the program details</strong> on
Intigriti, including:
</p>
<p></p>
<ul>
<li>
<p>
<strong>Scope</strong> – a list of assets that are
in-scope and out-of-scope
</p>
</li>
<li>
<p>
<strong>Rules of engagement</strong> – guidelines on what
types of testing are allowed and prohibited
</p>
</li>
<li>
<p>
<strong>Submission requirements</strong> – what details
should be included in a valid report
</p>
</li>
<li>
<p>
<strong>Eligibility and rewards</strong> – criteria for
valid submissions and potential recognition
</p>
</li>
</ul>
</li>
<li>
<p>
<strong>Submit your report through Intigriti</strong>,
ensuring that you provide:
</p>
<ul>
<li><p>A clear description of the issue</p></li>
<li><p>Steps to reproduce</p></li>
<li><p>Potential impact</p></li>
<li><p>Suggested remediation (if applicable)</p></li>
</ul>
</li>
<li>
<p>
<strong>Do not publicly disclose</strong> the vulnerability
before we have had an opportunity to investigate and remediate
the issue.
</p>
</li>
</ol>
</div>
<div class="terms-conditions__term">
<h2>Scope</h2>
<p>
For a list of in-scope assets, testing guidelines, and reward
eligibility, please refer to our
<strong>Intigriti VDP page</strong>.
</p>
<p>
<strong>Our Commitment</strong>
</p>
<ul>
<li>
<p>
We will acknowledge your report within a reasonable timeframe.
</p>
</li>
<li>
<p>We will provide updates on the remediation process.</p>
</li>
<li>
<p>
We will recognize your contribution if the report is valid and
impactful.
</p>
</li>
</ul>
<p>
By submitting a report, you agree to follow
<strong>responsible disclosure principles</strong> and comply with
applicable laws.
</p>
</div>
</div>
</div>
<!-- START FOOTER -->
<%= require('html-loader!./html/footer.html').default %>
<!-- END FOOTER -->
<!-- START _MENU-MOBILE -->
<%= require('html-loader!./html/_menu-mobile.html').default %>
<!-- END _MENU-MOBILE -->
<!-- START _POPUP-COOKIE -->
<%= require('html-loader!./html/_popup-cookie.html').default %>
<!-- END _POPUP-COOKIE -->
</div>
<!-- START _COUNTER -->
<%= require('html-loader!./html/_counter.html').default %>
<!-- END _COUNTER -->
</body>
</html>