The Vulnerability

Disclosure Program

Security is important to us at Tamara. We constantly strive to ensure our customers feel safe and secure using our services. If you believe you have discovered a potential security vulnerability on any of our Tamara domains, report your findings to us so we can fix it as soon as possible - and earn rewards!

Reporting your findings:

Your reward will be reflected within 14 days from the date you submitted the report. You will be notified via email, SMS, or push notification.


  • Please provide a clear, concise description, along with steps to reproduce, Proof-of-Concept, URL, and details of the vulnerable system when submitting a vulnerability.

  • Please give us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party. Depending on the severity of the issue, it may take us a few days to get back to you with feedback.

Out-of-scopes techniques

  • Denial of Service or brute force attacks unless they expose confidential data.

  • Spam or social engineering techniques conducted on any Tamara employee, vendor or contractor.

  • Vulnerabilities only affecting users of outdated or unpatched browsers and platforms.

  • Password policy, Absenc

    e SPF/DMARC, Missing Security Header, Self-XSS, Login/Logout CSRF, Lacking CSRF (unless affect sensitive user action).

Nakhla IT Systems LLC, 6901 At Takhassusi Branch Street, Al Rahmaniyah District Riyadh, Saudi Arabia
App QR-Code

Scan and get Tamara app

Tamara is available for Saudi Arabia, Dubai, and Kuwait customers.

Tamara is available for Saudi Arabia, Dubai, and Kuwait customers.

© 2023 Tamara. All Rights Reserved
Follow us