{"id":25748,"date":"2023-05-08T10:38:00","date_gmt":"2023-05-08T14:38:00","guid":{"rendered":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/?page_id=25748"},"modified":"2024-01-04T08:39:53","modified_gmt":"2024-01-04T13:39:53","slug":"vulnerability-disclosure-program","status":"publish","type":"page","link":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/","title":{"rendered":"Vulnerability Disclosure Program"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">At Looka, we take the security of our platform and our users&#8217; data very seriously. We welcome and encourage security researchers to report any vulnerabilities they may find in our web application, so that we can quickly address them and keep our platform safe and secure.<\/span><\/p>\n<p><strong>Scope:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">The program applies to all Looka web application assets and services.<\/span><\/p>\n<p><strong>Eligibility:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">We appreciate all vulnerability reports that are submitted to us in good faith. We will review each submission on a case-by-case basis, but generally, the following criteria must be met for the vulnerability to be considered eligible for a reward or recognition:<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">1. The vulnerability must be previously unknown and not publicly disclosed<\/span><\/li>\n<li><span style=\"font-weight: 400;\">2. The vulnerability must affect the confidentiality, integrity, or availability of our web application or user data<\/span><\/li>\n<li><span style=\"font-weight: 400;\">3. The vulnerability must be reproducible<\/span><\/li>\n<li><span style=\"font-weight: 400;\">4. The vulnerability must be reported to us in a responsible and ethical manner, without exploiting it for any personal gain or harm<\/span><\/li>\n<\/ul>\n<p><strong>How to report a vulnerability:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">If you believe you have found a vulnerability in Looka&#8217;s web application, please submit a report to us via email at <a href=\"mailto:vdp@looka.com\">vdp@looka.com<\/a>. Please include the following information in your report:<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">1. Detailed steps to reproduce the vulnerability<\/span><\/li>\n<li><span style=\"font-weight: 400;\">2. The impact of the vulnerability<\/span><\/li>\n<li><span style=\"font-weight: 400;\">3. Any technical details or proof of concept code that could be helpful in reproducing the issue<\/span><\/li>\n<li><span style=\"font-weight: 400;\">4. Your name or pseudonym (if you wish to remain anonymous)<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Please do not publicly disclose the vulnerability until it has been resolved and you have received permission to do so from Looka&#8217;s security team.<\/span><\/p>\n<p><strong>Rewards:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">We appreciate the time and effort it takes to find and report security vulnerabilities, and we want to thank security researchers for their contributions. We may offer rewards for eligible vulnerability reports at our discretion. Rewards may include monetary compensation or recognition on our website.<\/span><\/p>\n<p><strong>Response:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Once we receive your vulnerability report, we will acknowledge it within 7-10 business days. Our security team will review the report and determine its validity and severity. We will keep you informed of the status of the report and our progress in addressing the vulnerability. We aim to resolve all reports as quickly as possible, and we appreciate your patience as we work to address any issues.<\/span><\/p>\n<p><strong>Legal:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">We will not take legal action against individuals who submit vulnerability reports to us in good faith.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h1>Hall of Fame<\/h1>\n<p>Looka thanks the following individuals who have helped the improve the security of our systems, data and ICT resources by reporting vulnerabilities. We are very grateful for your hard work.<\/p>\n<ul>\n<li>Suraj Gupta x 8| <a href=\"https:\/\/www.linkedin.com\/in\/suraj-shah-661734273\">LinkedIn<\/a><\/li>\n<li>Priyanshu Parmar x4 | <a href=\"https:\/\/www.linkedin.com\/in\/priyanshuparmar\">LinkedIn<\/a><\/li>\n<li>Md Sojib Islam Nirob x 3 | <a href=\"https:\/\/www.facebook.com\/md.s0jib.islam.nir0b\">Facebook<\/a><\/li>\n<li>Sanjay Lakhara x 3 | <a href=\"https:\/\/www.linkedin.com\/in\/sanjay-lakhara-40a237274\/\">LinkedIn<\/a><\/li>\n<li>Muhammad Shayan x 3 | <a href=\"https:\/\/www.linkedin.com\/in\/muhammad-shayan-31280a174\">LinkedIn<\/a><\/li>\n<li>Shane Bostick x 3 | <a href=\"https:\/\/www.linkedin.com\/in\/bostickshane\/\">LinkedIn<\/a><\/li>\n<li>Durvesh Kolhe x 2 | <a href=\"https:\/\/www.linkedin.com\/in\/durvesh-kolhe-012b54211\">LinkedIn<\/a><\/li>\n<li>Mangesh Muley x2 | <a href=\"https:\/\/www.linkedin.com\/in\/mangesh-muley-877a26229\">LinkedIn<\/a><\/li>\n<li>Fabian Mucke<\/li>\n<li>Charly Juegos | <a href=\"https:\/\/www.linkedin.com\/in\/luiscarlossec\">LinkedIn<\/a><\/li>\n<li>Mikael Santos | <a href=\"https:\/\/www.linkedin.com\/in\/mikael-santos-a18489284\">LinkedIn<\/a><\/li>\n<li>Andrea Bocchetti | <a href=\"https:\/\/www.linkedin.com\/in\/andreabocchetti\/\">LinkedIn<\/a><\/li>\n<li>Manav | <a href=\"https:\/\/www.linkedin.com\/in\/manav-967a79271\/\">LinkedIn<\/a><\/li>\n<li>Somnath Guli (Ryan) | <a href=\"https:\/\/www.linkedin.com\/in\/0xl30\">LinkedIn<\/a><\/li>\n<li>Tim Brendon | <a href=\"https:\/\/vegacyberlabs.com\/\">Website<\/a><\/li>\n<li>Himanshu Sondhi<\/li>\n<li>Syed Hanzalah (GhostBlade) | <a href=\"https:\/\/www.linkedin.com\/in\/syed-hanzalah-ghostblade-b7085b295\/\">LinkedIn<\/a><\/li>\n<li>Kunal Mhaske | <a href=\"https:\/\/www.linkedin.com\/in\/kunal-mhaske-59928a170\/\">LinkedIn<\/a><\/li>\n<li>Tirth A Patel | <a href=\"https:\/\/www.linkedin.com\/in\/tirth-patel-3b24b127b\">LinkedIn<\/a><\/li>\n<li>Dipendranath Tarafder | <a href=\"https:\/\/twitter.com\/dip_tarafder\">X<\/a><\/li>\n<li>Mohamed Usman | <a href=\"https:\/\/www.linkedin.com\/in\/mohamed-usman-428a81203\">LinkedIn<\/a><\/li>\n<li>Tushar Bhosale | <a href=\"https:\/\/www.linkedin.com\/in\/tushar-bhosale-1b834422b\/\">LinkedIn<\/a><\/li>\n<li>Prathamesh B Vilayatkar | <a href=\"https:\/\/www.linkedin.com\/in\/prathamesh-vilayatkar-8a9588201\">LinkedIn<\/a><\/li>\n<li>Paranjay Singh | <a href=\"https:\/\/www.linkedin.com\/in\/p474nj4y\/\">LinkedIn<\/a><\/li>\n<li>Nikhil Chaudhari | <a href=\"https:\/\/www.linkedin.com\/in\/nikhil-chaudhari-9408bb269\">LinkedIn<\/a><\/li>\n<li>Mukul Goyal | <a href=\"https:\/\/twitter.com\/itz_mg_\">X<\/a><\/li>\n<li>Aajinath Kanhere | <a href=\"https:\/\/www.linkedin.com\/in\/aajinath-kanhere-222406250\/\">LinkedIn<\/a><\/li>\n<li>Parmeshwar Dattu Kanhere | <a href=\"https:\/\/www.linkedin.com\/in\/parmeshwar-kanhere-19605225b\">LinkedIn<\/a><\/li>\n<li>Aman Verma | <a href=\"https:\/\/www.linkedin.com\/in\/aman-verma-alpha\">LinkedIn<\/a><\/li>\n<li>Irwan | <a href=\"https:\/\/www.linkedin.com\/in\/attacker-attacker-6712b3266\/\">LinkedIn<\/a><\/li>\n<li>Ayush Aggarwal | <a href=\"https:\/\/www.linkedin.com\/in\/iamayusha\">LinkedIn<\/a><\/li>\n<li>Vaibhav Survase<\/li>\n<li>Tejas Mane | <a href=\"https:\/\/www.linkedin.com\/in\/tejas-mane-413241244\">LinkedIn<\/a><\/li>\n<li>Mehedi Hasan (SecMiners BD) | <a href=\"https:\/\/www.facebook.com\/polapain13337\">Facebook<\/a><\/li>\n<li>Luka Zimonjic | <a href=\"http:\/\/linkedin.com\/in\/luka-zimonji\u0107-0700a5231\">LinkedIn<\/a><\/li>\n<li>Mohit Kumar | <a href=\"http:\/\/www.linkedin.com\/in\/mohitkumar786\">LinkedIn<\/a><\/li>\n<li>Amin Bunyatov | <a href=\"https:\/\/www.linkedin.com\/in\/bunyatov\">LinkedIn<\/a><\/li>\n<li>Parth Narula | <a href=\"https:\/\/scriptjacker.in\/\">Website<\/a><\/li>\n<li>Ravi Sunkara | <a href=\"http:\/\/www.linkedin.com\/in\/ravisunkara2\">LinkedIn<\/a><\/li>\n<li>Pranav K | <a href=\"https:\/\/www.linkedin.com\/in\/pranav-k-12b121170\">LinkedIn<\/a><\/li>\n<li>Aniket Kamboj | <a href=\"https:\/\/www.linkedin.com\/in\/aniket-kamboj-9b985b217\/\">LinkedIn<\/a><\/li>\n<li>Shubham Sharma | <a href=\"https:\/\/www.linkedin.com\/in\/secshubhamsharma\/\">LinkedIn<\/a><\/li>\n<li>Sahaj Gautam | <a href=\"https:\/\/www.linkedin.com\/in\/sahaj-gautam-1648771b3\/\">LinkedIn<\/a><\/li>\n<li>Ayush Kumar | <a href=\"https:\/\/www.linkedin.com\/in\/ayush-kumar-66177021b\">LinkedIn<\/a><\/li>\n<li>Faizan Ahmed | <a href=\"https:\/\/www.linkedin.com\/in\/faizan-ahmed-830444236\">LinkedIn<\/a><\/li>\n<li>Foysal Ahmed | <a href=\"https:\/\/twitter.com\/foysal1197\">X<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>At Looka, we take the security of our platform and our users&#8217; data very seriously. We welcome and encourage security researchers to report any vulnerabilities they may find in our web application, so that we can quickly address them and keep our platform safe and secure. Scope: The program applies to all Looka web application [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v15.6.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerability Disclosure Program | Looka<\/title>\n<meta name=\"description\" content=\"We welcome and encourage security researchers to report any vulnerabilities they may find with Looka. Please submit a report to vdp@looka.com.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerability Disclosure Program | Looka\" \/>\n<meta property=\"og:description\" content=\"We welcome and encourage security researchers to report any vulnerabilities they may find with Looka. Please submit a report to vdp@looka.com.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/\" \/>\n<meta property=\"og:site_name\" content=\"Looka\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/lookadesign\/\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-04T13:39:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.logojoy.com\/wp-content\/uploads\/20190402110136\/looka_blue.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3202\" \/>\n\t<meta property=\"og:image:height\" content=\"3202\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@lookadesign\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"3 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#organization\",\"name\":\"Looka\",\"url\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/\",\"sameAs\":[\"https:\/\/facebook.com\/lookadesign\/\",\"https:\/\/instagram.com\/lookadesign\/\",\"https:\/\/ca.linkedin.com\/company\/looka\/\",\"https:\/\/youtube.com\/channel\/UCEKWKzxgyde1SjZIydF_4iQ\",\"https:\/\/twitter.com\/lookadesign\"],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/cdn.logojoy.com\/wp-content\/uploads\/20190402110136\/looka_blue.png\",\"width\":3202,\"height\":3202,\"caption\":\"Looka\"},\"image\":{\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#website\",\"url\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/\",\"name\":\"Looka\",\"description\":\"#1 Free Logo Maker\",\"publisher\":{\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/#webpage\",\"url\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/\",\"name\":\"Vulnerability Disclosure Program | Looka\",\"isPartOf\":{\"@id\":\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/#website\"},\"datePublished\":\"2023-05-08T14:38:00+00:00\",\"dateModified\":\"2024-01-04T13:39:53+00:00\",\"description\":\"We welcome and encourage security researchers to report any vulnerabilities they may find with Looka. Please submit a report to vdp@looka.com.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/vulnerability-disclosure-program\/\"]}]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","_links":{"self":[{"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/pages\/25748"}],"collection":[{"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/comments?post=25748"}],"version-history":[{"count":70,"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/pages\/25748\/revisions"}],"predecessor-version":[{"id":28247,"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/pages\/25748\/revisions\/28247"}],"wp:attachment":[{"href":"https:\/\/wordpress-715453-3009179.cloudwaysapps.com\/wp-json\/wp\/v2\/media?parent=25748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}