Loans For Her believes all responsible disclosure of any security vulnerabilities identified by any security research is an important part of the commitment to make sure that exact quality standards for the security of these all systems. It is a responsible disclosure policy intended to provide security research clear and all guidelines for operating weakness to discover small and big activities to spread our main characteristics in how to submit discovered easiness to us. A disclosure needs mutual trust, respect, and transparency between all participants of the security residents.

If someone has found a main or plausible security vulnerability in any Loans for her owned software or source code, then please directly report it to us without any worry. We will love to work with you to save our customers and our software in a better way.

We will first admit receipt of your weakness report as soon as possible, and in this scenario, your main report is a valid issue then we will strive to send all the daily updates about our progression. If you are concerned about the status of your disclosure report, then you can text us anytime on behalf of your report chat section. If you do not receive any response from us within a time, then feel free to follow up on your report chat.

Disclosure Process

An observer should always make sure to avoid any privacy violations, a decline of all user experience, upheaval to production systems, and wastage or control of data.

The observer does not use any exploits to the extent essential to confirm the company of any existing or possible security exposure and never uses manipulation to pivot to other systems.

The researcher should not report any security exposure through public media channels, or any other party concerned without any first written consent, instead, the report directly to the Loans for her disclosure program.

We first prefer all communication to be in the English language, also please include all the basic information earned like tools used, and any other environments used while testing, and reporting.

Do not apply the following actions:

• Placing malware, such as a virus, worm, or any other virus.

• Modifying, copying, or deleting system data.

• Making modifications to the system.

• Accessing the system regularly or sharing access with others.

• Accessing systems with so-called "brute force" methods.

• Utilizing social engineering or the denial-of-service technique (phishing, vishing, spam, etc.).

• Physical security attacks, social engineering, distributed denial of service, spam, and third-party applications are prohibited.

• Delete all obtained or exfiltrated data immediately as soon as it is reported.

• Don't do anything that could affect not only the system's availability and performance but also the data's privacy and integrity.

• Please refrain from submitting many low-quality security vulnerability reports.