Vulnerability Disclosure Policy
Last Modified: March 23, 2021
If you are a security researcher and believe that you have discovered a security bug or vulnerability in any of our Services, we appreciate your help in disclosing that vulnerability in a responsible manner. Event Temple will engage with security researchers when vulnerabilities are reported to us in accordance with this Vulnerability Disclosure Policy. We will validate, respond and fix vulnerabilities in accordance with our commitment to security and privacy.
Security researchers are prohibited from deliberately:
• Executing or attempting to execute any “Denial of Service” attack.
• Posting transmitting, uploading, linking to, sending or storing any Malicious Software.
• Social engineering, distributed denial of service or spam.
• Testing in a manner that would degrade the operation of Event Temple services.
• Testing third party applications or websites or services that integrate with or link to Event Temple services without express written consent.
• Taking advantage of the vulnerability, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying data.
Share the details of any suspected vulnerabilities with the Event Temple Security Team by sending an email to firstname.lastname@example.org. Please do not publicly disclose these details without express written consent from Event Temple. Please include the following:
• Vulnerability details with information to allow us to efficiently reproduce your steps.
• Your email address.
If you identify a verified security vulnerability in compliance with this Vulnerability Disclosure Policy, Event Temple commits to:
• Promptly acknowledge receipt of your vulnerability report.
• Provide an estimated timetable for resolution of the vulnerability.
• Notify you when the vulnerability is fixed.