Responsible Disclosure

Responsible Disclosure Policy

At YJED, the security and privacy of our users — and their pets — is a top priority. We are committed to protecting our systems and the data we handle. If you discover a security vulnerability in any of our platforms (website, app, APIs, or hardware), we appreciate your help in responsibly disclosing it to us.

How to Report a Security Vulnerability

If you believe you've found a potential vulnerability, please contact us immediately at:

Email: [email protected]

Include the following in your report:

• A detailed description of the issue
• Steps to reproduce (POC – Proof of Concept)
• Affected URL(s), endpoints, or systems
• Any relevant screenshots or logs

What You Can Expect from Us

• We'll acknowledge your report within 72 hours.
• We'll investigate and validate the issue.
• We'll keep you informed throughout the resolution process.
• We may credit you publicly for your responsible disclosure (with your permission).

Guidelines for Responsible Disclosure

To ensure user safety and ethical standards, please:

• Do not access, modify, or delete user data.
• Do not disrupt our services (e.g., DDoS, spam).
• Do not use the vulnerability for any form of exploitation.
• Do not share or disclose the vulnerability publicly until we've had a chance to fix it.

Exclusions

While we welcome reports on real vulnerabilities, the following are not considered in scope:

• Clickjacking on non-sensitive pages
• HTTP headers without sensitive impact
• Use of outdated libraries without exploitable paths
• Spam or social engineering
• Rate limiting issues (unless they pose a real security risk)

Thank You

We truly appreciate the time and effort of security researchers and ethical hackers. Your contributions help keep YJED a trusted and secure platform for pet lovers everywhere.

Last updated: 19 June 2025