At this time, the scope of this program is limited to security vulnerabilities found on the Kiiroo website. Also included in the scope are the FeelConnect, FeelPerformer and FeelVR apps found in the Apple store and Google Play.
For account access issues or visual layout and website functionality bugs, please contact email@example.com which will resolve those issues independently.
Exceptions & Rules
Any activity that would disrupt, damage or adversely affect any third-party data or account is not allowed. Please do not mass create accounts to perform testing against Kiiroo applications and services. Also do not perform brute force testing to determine whether rate limiting is in place for particular APIs or pieces of functionality.
The following are strictly prohibited:
– Denial of Service attacks.
– Physical attacks against offices and data centers.
– Social engineering of our service desk, employees or contractors.
– Compromise of Kiiroo users or employees account.
– Automated tools or scans, botnet, compromised site, end-clients or any other means of large automated exploitation or use of a tool that generates a significant volume of traffic.
All security bugs may be reported at the following e-mail address: firstname.lastname@example.org.
We will try keep in contact and try to resolve any issues related to the bug as soon as possible following close communication with you.