Glitch Reward

Programme

Howdy There!

Our app Cozy Stay has been constructed with sophisticated
encryptions and codes.It is flawless in every way imaginable.
Your mission, if you choose to accept it, is to find glitches in
our program and bring them to our notice.Upon doing so,
you will recieve a reward for the same. So gear up for the
opportunity of a lifetime.

Event Policy

Rules and Regulations



Card image cap

The participants must possess a sound and
profound knowledge of coding to be eligible
to be considered for this event.

Card image cap

The Participants shall prepare a bug report
and submit it to the developing team along
with a solution to it.

Card image cap

Participants are advised not to attempt
to gain access to another user's account
or data.

Card image cap

Participants must not conduct any attack
that could harm the reliability/integrity of
our services or data.

Card image cap

Participants shall not do DDoS/
spam attacks.

Card image cap

Participants must not publicly disclose a
bug before it has been fixed.

Card image cap

The Participants should not attempt non-
technical attacks such as social engineering,
phishing, or physical attacks.

Card image cap

The Participants shall receive a rewards for
accepted bug fixes and a certificate of
appreciation as well.

Card image cap

Any disputes regarding any provision of
these terms shall be dealt with by
arbitration proceedings.

Rewards Terms and Conditions


...

The Company believes that the
security bugs are orginal and
previously unreported.


...

The Participant must not be an employee, contractor, or otherwise have a business relationship with
Cozy Stay.




...

The Company should be able to
reproduce the bug.


...

The Company has absolute
discretion to decide whether a bug
is significant enough to be eligible for a reward.


Ineligible
Vulnerabilities



  •   Clickjacking Attacks
  •   Self-type Cross-Site Scripting(Self-XSS)
  •   CSRF Issues On Actions With Minimal Impact
  •   Cache Poisoning
  •   Denial of Service Attacks(Dos)
  •   Application Stack Trace Disclosure
  •   Missing SPF Records
  •   Vulnerabilities That Require Man In The Middle (MiTM) Attacks
  •   Brute Force Attacks