Incident Response
We attach great importance to security issues and welcome all security researchers to report potential security vulnerabilities to us to improve the security of our products and services.
Vulnerability Response and Disclosure Process
Step 1
RecipientMonitor and and assign received vulnerabilities in a timely manner
Step 2
VerificationVerify the vulnerability and confirm the exploitability and impact
Step 3
Solution DevelopmentProvide effective fix solutions or risk remediations measures
Step 4
Affected Scope ConfirmationInvestigate and confirm the complete scope of affected products
Step 5
Release SAReview and publish the security advisory for the security vulnerability
Report Vulnerabilities
You can report vulnerabilities via email. The following are the detailed reporting method:
Mailbox
security@yooksmart.com
As the vulnerability information is extremely sensitive, we strongly recommend you NOT include private
information sending to us.
The email should include at least the following information:
- Your contact information, anonymous email if possible
- Products and versions affected
- Description of the potential vulnerability
- Information about known exploits
- Disclosure plans
- Additional information, if any
Response Time
After receiving the vulnerability you reported, we will send you vulnerability response related information
within 48 hours: For vulnerabilities reported via email, we will send you a vulnerability response notice,
information confirmation and feedback related to the vulnerability via email. The progress of the
vulnerability's solution development will also be continuously updated through email as soon as possible.
If the vulnerability is verified, we guarantee to solve the problem as long as 60 days.
* Note: Actual vulnerability response time may vary depending on the risk level and complexity of the
vulnerability.