Naspers values the input of the security community to create a more secure Internet and welcomes the opportunity to collaborate with community members who share this common goal.
This coordinated vulnerability disclosure program (VDP) is limited to security vulnerabilities identified within Naspers's public online presence. Please review the program contents before submitting your findings.
For the initial prioritization/rating of findings, this program will use theBugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
This program only awards points for VRT based submissions.
Target name | Type
*.naspers.com | Website
*.naspers.fr | Website
*.naspers.us | Website
*.naspersventures.com | Website
*.naspers.co | Website
*.naspers.co.in | Website
*.prosus.com | Website
Testing is only authorized on the target listed as In-Scope. _Any domain/property of Naspers not listed in the targets section is out of scope. This includes any/all subdomains not listed above. If you believe you've identified a vulnerability on a system outside the scope, please reach out to firstname.lastname@example.org before submitting._
https://www.naspers.com is our corporate website. Researchers are invited to test all aspects of this application by following the guidelines detailed in this program.
The following submisssion types will not be rewarded (as per Bugcrowd's Vulnerability Rating Taxonomy):
When conducting vulnerability research according to this policy, we consider this research to be:
If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please inquire via email@example.com before going any further.
This program follows Bugcrowd’s standard disclosure terms.
|Scope Type||Scope Name|
The progam has been crawled by Firebounty on 2019-09-13 and updated on 2019-09-15, 69 reports have been received so far.