ePrivacy and GPDR Cookie Consent by Cookie Consent Responsible vulnerability disclosure - Eleving Group

Responsible vulnerability disclosure

Eleving Group is committed to ensuring the information security and protection of our information resources against cyber threats. We encourage responsible security vulnerability disclosure as set in this policy and welcome any security researchers to report security flaws in our services and resources.


This policy applies to the following domains:


We expect reports about vulnerabilities such as Cross-Site Scripting (XSS), SQL injections, encryption flaws, remote code execution, authentication flaws, etc.

The following test types are not authorized:
Legal Disclosure

We accept vulnerability reports for the scope listed above and we agree not to pursue legal action in good faith against individuals who:

We reserve the right to accept or reject any reports on any vulnerabilities and act upon it in accordance with our internal rules and procedures.

How can you report?

If you believe that you have discovered a vulnerability in our information resources, please contact us at security@eleving.com and include the following information:

What do we expect from you?

Please note that during the vulnerability research, it is crucial that you follow these rules:

What to expect from us?

We do not offer financial compensation, but when the reported vulnerability will be resolved, we may provide assistance and information for the researcher’s publication and promote their contribution, if there has been a mutual agreement on it.