{"id":44807,"date":"2021-10-22T13:09:48","date_gmt":"2021-10-22T13:09:48","guid":{"rendered":"http:\/\/casavi.com\/de\/?page_id=44807"},"modified":"2021-10-28T13:03:38","modified_gmt":"2021-10-28T11:03:38","slug":"bug-bounty-program","status":"publish","type":"page","link":"https:\/\/casavi.com\/en\/bug-bounty-program\/","title":{"rendered":"The casavi Bug Bounty Program"},"content":{"rendered":"\n<div class=\"wp-block-group alignfull is-style-casavi-slant\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"acf-block-casavi-responsive-spacer clearfix has-space-xs-1 has-space-md-2\" id=\"block_6169844fd5db1\"><\/div>\n\n\n\n<h1 class=\"has-text-align-center wp-block-heading\">The casavi Bug Bounty Program<\/h1>\n\n\n\n<div class=\"acf-block-casavi-responsive-spacer clearfix has-space-xs-2 has-space-md-4\" id=\"block_61698405d5db0\"><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"acf-block-casavi-responsive-spacer clearfix has-space-xs-1 has-space-md-2\" id=\"block_6172b8322d685\"><\/div>\n\n\n\n<p>The casavi bug bounty program rewards hacking experts for making us aware of bugs or weaknesses inside our system so that we can fix them before any harm is done. We believe that responsible disclosure should be the standard.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How it works<\/h2>\n\n\n\n<ol class=\"wp-block-list\"><li>Make sure you understand the scope and adhere to our program rules<\/li><li>Apply for our program by writing an email to&nbsp;<a href=\"mailto:security@casavi.de?subject=Application%20for%20bug%20bounty%20program&amp;body=I%20want%20to%20apply%20to%20the%20casavi%20bug%20bounty%20program.%0D%0A%0D%0AMy%20name%3A%20____________%0D%0AMy%20street%20address%3A%20___________%0D%0A%0D%0ABest%20regards%2C\">security@casavi.de<\/a><\/li><li>Find a bug<\/li><li>Email us the bug<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">About casavi<\/h2>\n\n\n\n<p>casavi is a software as a service providing digital solutions to property management companies. It provides them with a customer portal including&nbsp;24\/7 document access, ticketing system and messaging for their customers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"scope\">Scope<\/h2>\n\n\n\n<p>This Program solely targets our web application accessible under&nbsp;<a href=\"https:\/\/staging.mycasavi.com\/\">https:\/\/staging.mycasavi.com<\/a>. The report must be reproducible on currently supported versions and operating systems. Vulnerabilities need to be documented in a way that they can be reproduced. Please send screen-shots, code, video; whatever helps to understand the flaw.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"non-qualifying-vulnerabilities\">Non-Qualifying Vulnerabilities<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Issues located within third-party components<\/li><li>Social Engineering<\/li><li>Physical attacks<\/li><li>Research that results in spam, harassment or any kind of unauthorized communication<\/li><li>Using data acquired by compromising customer or employee accounts<\/li><li>Denial of service attacks<\/li><li>Vulnerabilities in our marketing websites (casavi.de)<\/li><li>Issues in our DNS domains<\/li><li>Vulnerabilities which are purely hypothetical or already publicly known or variations of such, including vulnerabilities that are made possible by exploiting another reported vulnerability.<\/li><li>CORS configuration<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"eligibility-and-disclosure\">Eligibility and Disclosure<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>You must agree and comply with our program rules<\/li><li>You must be the first person to responsibly disclose an unknown issue<\/li><li>You must not publicly disclose the vulnerability prior to our public disclosure<\/li><\/ul>\n\n\n\n<p>We will review each report thoroughly and get in contact with you as soon as possible. Please allow a week for our initial response and try to be fair when attacking our server and not interrupt the service.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"rewards\">Rewards<\/h2>\n\n\n\n<p>Rewards are awarded (apart from our deep respect and thankfulness) depending on the severity up to 250 EUR.<\/p>\n\n\n\n<p>We will carefully classify each report in these categories and choose a reward.<\/p>\n\n\n\n<div class=\"acf-block-casavi-responsive-spacer clearfix has-space-xs-2 has-space-md-4\" id=\"block_6172b84e2d686\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The casavi Bug Bounty Program The casavi bug bounty program rewards hacking experts for making us aware of bugs or [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_trash_the_other_posts":false,"editor_notices":[],"footnotes":""},"class_list":["post-44807","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.1.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The casavi Bug Bounty Program - EN - casavi.com\/en<\/title>\n<meta name=\"description\" content=\"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/casavi.com\/en\/bug-bounty-program\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The casavi Bug Bounty Program - EN - casavi.com\/en\" \/>\n<meta property=\"og:description\" content=\"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/casavi.com\/en\/bug-bounty-program\/\" \/>\n<meta property=\"og:site_name\" content=\"EN - casavi.com\/en\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-28T11:03:38+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/casavi.com\/en\/bug-bounty-program\/\",\"url\":\"https:\/\/casavi.com\/en\/bug-bounty-program\/\",\"name\":\"The casavi Bug Bounty Program - EN - casavi.com\/en\",\"isPartOf\":{\"@id\":\"http:\/\/casavi.com\/en\/#website\"},\"datePublished\":\"2021-10-22T13:09:48+00:00\",\"dateModified\":\"2021-10-28T11:03:38+00:00\",\"description\":\"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.\",\"breadcrumb\":{\"@id\":\"https:\/\/casavi.com\/en\/bug-bounty-program\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/casavi.com\/en\/bug-bounty-program\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/casavi.com\/en\/bug-bounty-program\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/casavi.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The casavi Bug Bounty Program\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/casavi.com\/en\/#website\",\"url\":\"http:\/\/casavi.com\/en\/\",\"name\":\"EN - casavi.com\/en\",\"description\":\"Connected work. Easy management.\",\"publisher\":{\"@id\":\"http:\/\/casavi.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/casavi.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/casavi.com\/en\/#organization\",\"name\":\"EN - casavi.com\/en\",\"url\":\"http:\/\/casavi.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/casavi.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/casavi.com\/en\/wp-content\/uploads\/sites\/3\/cropped-cropped-cropped-casavi-Icon.png\",\"contentUrl\":\"https:\/\/casavi.com\/en\/wp-content\/uploads\/sites\/3\/cropped-cropped-cropped-casavi-Icon.png\",\"width\":512,\"height\":512,\"caption\":\"EN - casavi.com\/en\"},\"image\":{\"@id\":\"http:\/\/casavi.com\/en\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The casavi Bug Bounty Program - EN - casavi.com\/en","description":"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/casavi.com\/en\/bug-bounty-program\/","og_locale":"en_US","og_type":"article","og_title":"The casavi Bug Bounty Program - EN - casavi.com\/en","og_description":"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.","og_url":"https:\/\/casavi.com\/en\/bug-bounty-program\/","og_site_name":"EN - casavi.com\/en","article_modified_time":"2021-10-28T11:03:38+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/casavi.com\/en\/bug-bounty-program\/","url":"https:\/\/casavi.com\/en\/bug-bounty-program\/","name":"The casavi Bug Bounty Program - EN - casavi.com\/en","isPartOf":{"@id":"http:\/\/casavi.com\/en\/#website"},"datePublished":"2021-10-22T13:09:48+00:00","dateModified":"2021-10-28T11:03:38+00:00","description":"Die casavi Plattform vernetzt Eigent\u00fcmer, Mieter, Verwalter, Facility Manager und weitere Dienstleister auf intelligente Art und Weise.","breadcrumb":{"@id":"https:\/\/casavi.com\/en\/bug-bounty-program\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/casavi.com\/en\/bug-bounty-program\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/casavi.com\/en\/bug-bounty-program\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/casavi.com\/en\/"},{"@type":"ListItem","position":2,"name":"The casavi Bug Bounty Program"}]},{"@type":"WebSite","@id":"http:\/\/casavi.com\/en\/#website","url":"http:\/\/casavi.com\/en\/","name":"EN - casavi.com\/en","description":"Connected work. Easy management.","publisher":{"@id":"http:\/\/casavi.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/casavi.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"http:\/\/casavi.com\/en\/#organization","name":"EN - casavi.com\/en","url":"http:\/\/casavi.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/casavi.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/casavi.com\/en\/wp-content\/uploads\/sites\/3\/cropped-cropped-cropped-casavi-Icon.png","contentUrl":"https:\/\/casavi.com\/en\/wp-content\/uploads\/sites\/3\/cropped-cropped-cropped-casavi-Icon.png","width":512,"height":512,"caption":"EN - casavi.com\/en"},"image":{"@id":"http:\/\/casavi.com\/en\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/pages\/44807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/comments?post=44807"}],"version-history":[{"count":0,"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/pages\/44807\/revisions"}],"wp:attachment":[{"href":"https:\/\/casavi.com\/en\/wp-json\/wp\/v2\/media?parent=44807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}