Responsible Disclosure
At Blutui, we take the security of our systems and users seriously. We appreciate the efforts of ethical hackers and security researchers who help identify vulnerabilities in a responsible manner.
However, please note the following:
No Bug Bounty or Compensation Policy
Blutui does not operate a vulnerability rewards program or offer financial compensation (bug bounties) for disclosed vulnerabilities. By submitting a report or otherwise notifying us of a security issue, you acknowledge and agree that:
You are acting voluntarily and without expectation of compensation.
Blutui is under no obligation to pay you for your time, effort, or any information you provide.
Submission of a vulnerability report does not create any form of contract, partnership, or entitlement between you and Blutui.
Responsible Disclosure Guidelines
We encourage users and researchers to contact us if they believe they have found a potential security issue. However, we ask that any disclosure be accompanied by a complete, clear, and reproducible report. A proper report should include:
A detailed description of the vulnerability.
Steps to reproduce the issue.
Any relevant URLs, parameters, or payloads.
Screenshots, logs, or video proof where appropriate.
An assessment of potential impact, if known.
Reports lacking sufficient detail may not be reviewed.
Please submit responsible disclosure reports to: [security@blutui.com]
Scope and Expectations
We request that you:
Avoid accessing or modifying data that does not belong to you.
Do not disrupt or degrade our services.
Comply with all local, national, and international laws.
Respect user privacy and our platform’s integrity.
Blutui reserves the right to take appropriate legal or administrative action against activities deemed malicious, illegal, or in violation of our terms of use.
We thank you for your help in keeping Blutui secure.