If you find a security vulnerability on cofasem.com, please contact us immediately. We review all legitimate reports and aim to resolve issues quickly.

Guidelines for Reporting

To ensure your report is handled safely:

* Give us reasonable time to review and fix the issue before sharing it publicly.

* Do not access private accounts without the owner’s consent.

* Avoid actions that could harm privacy, disrupt services, or destroy data.

* Do not exploit the issue for any reason.

* Follow all applicable laws and regulations.

Bounty Program

We reward security researchers who help protect our platform. Bounties are awarded at our discretion based on risk, impact, and report quality.

To qualify:

* Follow the guidelines above.

* Report a valid security vulnerability.

* Submit your report through our security center (do not contact employees directly).

* Disclose any accidental privacy violations in your report.

Rewards

Rewards depend on the severity of the vulnerability:

Severity β€” Reward β€” Examples

Critical β€” $200
Remote code execution, full account access, SQL injection leaking data

High β€” $100
Authentication bypass, sensitive data disclosure, stored XSS

Medium β€” $50
Logic or business process flaws, insecure object references

Low β€” Recognition Only
Open redirects, reflected XSS, low-sensitivity data leaks

Notes:

* The first valid report receives the bounty.

* Multiple bugs from a single underlying issue count as one report.

* Rewards are assessed based on impact, exploitability, and report quality.

Contact Information

Trade Name: Cofasem LLC
Website: cofasem.com
Address: Cofasem, 111 SW 11th Ave, Miami FL 33130, United States
Phone: +1 440 335 0120
Email: contact@cofasem.com