Lead generation forms, pages and overlays.
We encourage and reward contributions by developers and security researchers who help make Jumplead more secure. We provide rewards and/or public recognition for security vulnerabilities that are responsibly disclosed to us.
We will determine on a quarterly basis which bugs are considered as candidates for reward, as well as the final reward recipients.
Only original, previously unreported bugs will be qualified for credit. In the event of a duplicate submission, only the earliest received report is considered. Bugs are limited to currently supported browser versions and must be reproducible.
Please include the exact input data and the operation used and please do not run automated scans with applications, if we see submissions from anyone we've found to scan the system, this will be considered a DDoS attack and will be marked invalid.
Please note, when researching for a vulnerability, only use accounts you own. Do not attempt to use another user's account. We reserve the right to turn down any report we find invalid and revise or cancel the program at any time.
All research must not violate any law, or disrupt or compromise any data that is not your own.
Don’t attempt to gain access to another user’s account or data.
Don’t perform any attack that could harm the reliability/integrity of our services or data. DDoS/spam attacks are not allowed.
Don’t publicly disclose a bug before it has been fixed.
Do not impact other users with your testing.
Don’t use scanners or automated tools to find vulnerabilities.
Never attempt non-technical attacks such as social engineering, phishing, or physical attacks against our employees, users, or infrastructure.
When in doubt, contact us.
We will respond as quickly as possible to your submission.
We will keep you updated as we work to fix the bug you submitted.
We will not take legal action against you if you play by the rules.