FireBounty
52235 policies in database
Link to program      
2021-07-28
Home Bargains logo
Thank
Gift
HOF
Reward

Reward

Home Bargains

No technology is perfect, and Home Bargains (TJ Morris Ltd) believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you've found a security issue in our product or service, we encourage you to notify us. We welcome working with you to resolve the issue promptly.

Disclosure Policy

  • Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.

  • Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.

  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.

Bounty Program

To show our appreciation of responsible security researchers, Home Bargains offers a monetary bounty for reports of qualifying security vulnerabilities. Reward amounts will vary based upon the severity of the reported vulnerability, and eligibility is at our sole discretion.

Exclusions

While researching, we'd like to ask you to refrain from:

  • Denial of service

  • Spamming

  • Social engineering (including phishing) of Home Bargains staff or contractors

  • Any physical attempts against Home Bargains property or data centers

In-Scope Domains and Properties

The scope of this program is currently limited to technical security vulnerabilities on Home Bargains' internet applications. See 'Scopes' for full details.

  • https://staging.tjmorrispayslips.co.uk/

Out-of-Scope Domains and Properties

The following areas are currently out-of-scope:

  • In-store systems and EPOS systems

  • Any physical attempts to gain access to our network

  • Third-party systems, including but not limited to:

  • help.homebargains.co.uk

  • jobs.homebargains.co.uk

  • careershub.homebargains.co.uk

  • *.homebargains.co.uk

  • portal.homebargains.co.uk

  • www.tjmorris.co.uk

  • *.home.bargains

  • --- and others not explicitly specified in 'Scopes'

See 'Scopes' for full details.

In Scope

Scope Type Scope Name
web_application

staging.tjmorrispayslips.co.uk

Out of Scope

Scope Type Scope Name
hardware

In-store systems and EPOS systems
other

Any physical attempts to gain access to our network
other

Any third-party systems or domains
web_application

*.homebargains.co.uk
web_application

*.hbweb.io
web_application

*.tjmorris.co.uk
web_application

*.home.bargains
web_application

auth.tjmorrispayslips.co.uk

This program have been found on Hackerone on 2021-07-28.

FireBounty © 2015-2024

Legal notices | Privacy policy