Bug Report

At CXIHUB security is our first priority, when in it comes to maintaining a secure platform for our clients we leave no stones unturned. Therefore CXIHUB has also adopted a Responsible Disclosure program to avail the benefit of crowdsourcing individuals and research teams, providing a safe path to report discovered vulnerabilities.
The following are guidelines for responsible disclosure of discovered potential security vulnerabilities at cxihub.com.

Send it across to security@cxihub.com without delay. You can expect your mail to be acknowledged within 72 hours.
Please provide the issue with a clear description of the vulnerability and the environment in which it was discovered. Video proof of concept would be appreciable. You can upload the video as unlisted and private to YouTube, Vimeo and provide us the Private link.
You are allowed to disclose the vulnerability at security@cxihub.com only. Do not share any information about the identified problem publicly or with anyone until it has been resolved.
When conducting security testing, make sure not to violate our privacy policies, modify/delete unauthenticated user data, disrupt production servers, or to degrade user experience.
Rewards will be dependent on the severity of the problem and you will, either be acknowledged or given a bounty.
We will respond back to you within 3 working days, also you will get a mail once the issue gets triaged; if not kindly send us the mail again. Types of acceptable vulnerabilities:
  1. Cross-Site Scripting (XSS)
  2. Cross-Site Request Forgery (CSRF)
  3. Unauthorized Cross-Tenant Data Tampering or Access (for multi-tenant services)
  4. Insecure Direct Object References
  5. Injection Vulnerabilities
  6. Authentication Vulnerabilities
  7. Server-Side Code Execution
  8. Privilege Escalation
  9. Significant Security Misconfiguration (when not caused by user)
  10. Directory Traversal
  11. Information Disclosure
  12. Open Redirects
  13. Content Spoofing
Non-Qualifying vulnerabilities:
  1. Logout CSRF
  2. Denial of Service