Report Vulnerability
Help Us Keep Astrowani Safe & Secure
At Astrowani, the security and privacy of our users are our highest priorities. We are committed to providing a safe and reliable platform where users can connect with experienced astrologers for online consultations with confidence.
If you discover a security vulnerability, technical weakness, or any issue that could potentially affect the confidentiality, integrity, or availability of our website, mobile application, or user data, we encourage you to report it responsibly. Your cooperation helps us improve our platform and protect the interests of our users.
What Should Be Reported?
We welcome reports related to genuine security vulnerabilities, including but not limited to
1. Unauthorized access to user accounts or sensitive information.
2. Authentication or login security issues.
3. Security vulnerabilities affecting user data or privacy.
4. API or server security weaknesses.
5. Cross-Site Scripting (XSS), SQL Injection, CSRF, or similar vulnerabilities.
6. File upload vulnerabilities.
7. Broken authentication or authorization controls.
8. Security issues affecting payment or consultation systems.
9. Any other vulnerability that may compromise the security of Astrowani or its users.
Responsible Disclosure Guidelines
We request that all security researchers and users follow responsible disclosure practices:
1. Report vulnerabilities privately and allow us reasonable time to investigate and resolve the issue.
2. Do not publicly disclose the vulnerability before it has been addressed by our security team.
3. Do not attempt to access, modify, delete, or download user data beyond what is necessary to demonstrate the issue.
4. Do not perform activities that may disrupt our services or negatively impact other users.
5. Do not exploit vulnerabilities for personal benefit or malicious purposes.
Information to Include in Your Report
To help us investigate your report efficiently, please provide:
1. A detailed description of the vulnerability.
2. Steps to reproduce the issue.
3. Affected URL(s) or feature(s).
4. Screenshots or screen recordings (if applicable).
5. Browser, device, operating system, and app version (if relevant).
6. Any proof-of-concept that safely demonstrates the issue.
Providing complete information helps us resolve security concerns more quickly.
Our Commitment
Once we receive your report, our security team will:
1. Acknowledge receipt of your report.
2. Review and verify the reported issue.
3. Investigate the vulnerability as quickly as possible.
4. Take appropriate corrective action where necessary.
5. Keep your information confidential throughout the investigation process.
Please note that while we appreciate responsible security research, submission of a vulnerability report does not guarantee financial rewards or bug bounty payments unless explicitly announced through an official Astrowani Bug Bounty Program.
Contact Our Security Team
If you believe you have identified a security vulnerability, please contact our security team at:
Email: security@astrowani.com
or
Use our Contact Us page and select “Security / Vulnerability Report” as the subject.
Our Commitment to Security
Astrowani continuously works to improve the security of its website and mobile application by implementing industry-standard security practices and regularly monitoring for potential threats. We sincerely appreciate the efforts of security researchers and responsible users who help us maintain a secure environment for everyone.
Thank you for helping us keep Astrowani safe, secure, and trusted for all users.
