We value the InfoSec community and want to thank you in advance for helping make the internet a safer place. Mackplay considers the trust and the protection of our users’ data a top priority. We want to welcome all security researchers that feel the same.
We acknowledge the valuable role that independent security researchers play in security and as a result, we encourage responsible disclosure of any vulnerabilities that may be found in our website, api or applications. We will not take legal action against, or suspend or terminate the accounts of, researchers who discover and report security vulnerabilities in accordance with this Responsible Disclosure Policy. Mackplay reserves all legal rights in the event of any non-compliance.
For the security of our users and service, we ask that you do not share details of the suspected vulnerability publicly or with any third party without express written consent from Mackplay.
We encourage security researchers to share the details of any suspected vulnerabilities with the Mackplay Security Team by submitting the form found on this page. Mackplay will review the submission to determine if the finding is valid and has not been previously reported. At Mackplay’s discretion, you may be eligible for monetary compensation for your efforts. We require security researchers to include detailed information with steps for us to reproduce the vulnerability.
We reserve all legal rights in the event of noncompliance.
While we encourage you to discover and report to us any vulnerabilities you find in a responsible manner, the following conduct is prohibited:
When reporting vulnerabilities, please consider (1) attack scenario/exploitability, and (2) security impact of the bug. The following issues are considered out of scope:
If you responsibly report a vulnerability in accordance with this policy, we will:
