Kalepa values the work done by security researchers in improving the security of our product offerings. We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process.
We encourage anyone to report security issues to security@kalepa.com.
We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To encourage responsible reporting, we will not take legal action against you nor ask law enforcement to investigate you provided you comply with the following Responsible Disclosure Guidelines:
We would like you to format your reports like this:
Name: %name
Twitter: %twitter
Bug type: %bugtype
Domain: %domain
Severity: %severity
URL: %url
PoC: %poc
CVSS (optional): %cvss
CWSS (optional): %cwss
The domains kalepa.com, kalepainsurance.com, kalepa.co, and kalepa.io and any subdomain.
Any typical web security bugs such as:
Typical "no impact" bugs such as: