Bug Bounty Program

Program Overview 

At uQualio, security is a priority. We value the work of security researchers and users who help us identify vulnerabilities and improve our platform.

Our goal is to:

  • Maintain a secure and reliable platform
  • Encourage responsible disclosure
  • Build a transparent and fair process

If you believe you’ve found a security issue, we encourage you to report it responsibly.

We reward individuals who responsibly disclose previously unknown vulnerabilities in uQualio.

Scope

The program applies to:

  • uQualio web platform
  • uQualio website
  • uQualio APIs and core services

Out of scope:

  • Feature requests or usability issues
  • Theoretical vulnerabilities without proof
  • Issues in third-party systems not controlled by uQualio

Rewards 

We offer rewards for valid, previously unreported vulnerabilities: Typical range: $25 – $100


Based on:

  • Severity & Impact
  • Quality of documentation

We do not provide rewards for:

  • Unverified or speculative issues
  • Poorly documented submissions

Disclosure Process

  1. Submit Report
    Provide a detailed and documented description of the issue.
  2. Acknowledgement
    We confirm receipt of your report.
  3. Validation
    We assess whether the issue is new or previously reported.
  4. Resolution
    • If new, we will fix it immediately or schedule it
    • You may be asked to verify the fix
  5. Reward Decision
    We determine eligibility and reward level.

Payment Terms 

You must provide a PayPal account for the transfer or a European bank account with IBAN and SWIFT code.

 
Bounty is only paid via:
  • PayPal
  • European bank transfer (IBAN + SWIFT)
  • Payments are processed weekly.
    Please allow up to two weeks after confirmation

Rules & Guidelines 

To qualify for a reward, you must:

  • Report issues directly to support@uqualio.com
  • Not disclose the vulnerability publicly before resolution
  • Avoid accessing or modifying data that is not your own
  • Only test within reasonable limits

Important:

Including recipients other than support@uqualio.com in your report will make it ineligible for a bounty.

How to Submit

Send your report to: support@uqualio.com

Please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Supporting documentation (screenshots, video, etc.)
  • Potential impact (if known)

Only clearly documented and reproducible issues will be considered.

Our Commitment 

We commit to:

  • Reviewing reports promptly
  • Communicating clearly throughout the process
  • Rewarding valid contributions fairly

Thank You

We appreciate your efforts in helping us keep uQualio secure and reliable.

 
uQualio Course creation screen on a laptop