Security is important to us at Tamara. We constantly strive to ensure our customers feel safe and secure using our services. If you believe you have discovered a potential security vulnerability on any of our Tamara domains, report your findings to us so we can fix it as soon as possible - and earn rewards!
Your reward will be reflected within 14 days from the date you submitted the report. You will be notified via email, SMS, or push notification.
If you have an account on Bugcrowd, request an invitation to our Vulnerability Disclosure Program (send an invite).
Otherwise, email your findings to email@example.com
Please provide a clear, concise description, along with steps to reproduce, Proof-of-Concept, URL, and details of the vulnerable system when submitting a vulnerability.
Please give us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party. Depending on the severity of the issue, it may take us a few days to get back to you with feedback.
Denial of Service or brute force attacks unless they expose confidential data.
Spam or social engineering techniques conducted on any Tamara employee, vendor or contractor.
Vulnerabilities only affecting users of outdated or unpatched browsers and platforms.
Password policy, Absenc
e SPF/DMARC, Missing Security Header, Self-XSS, Login/Logout CSRF, Lacking CSRF (unless affect sensitive user action).