Report Security Issue

Please contact us right away if you have found any security weaknesses on Star Connect LLC. All valid reports will be taken seriously, and we will work to fix any verified issues as soon as possible. This security program is managed by STAR Connect LLC.

SECTION 1 – CORE PRINCIPLES

Star Connect LLC will not pursue legal action or an investigation against you if you submit vulnerability reports according to the guidelines below:

1. Allow Reasonable Time: Give us enough time to investigate and fix the issue before public disclosure.
2. Respect User Privacy: Do not retrieve or modify any personal data from other users’ accounts.
3. Act in Good Faith: Avoid service interruptions, data destruction, or disruption to others.
4. Do Not Exploit: Do not use the vulnerability to access sensitive data or escalate risk.
5. Follow Applicable Laws: Your actions must comply with all legal regulations.

SECTION 2 – BOUNTY PROGRAM

Star Connect LLC appreciates the efforts of ethical security researchers. At our sole discretion, we may provide monetary rewards for valid and relevant vulnerability disclosures based on severity and potential risk. To qualify, you must comply with our core principles and report a valid security bug that poses a real risk to our systems.

SECTION 3 – NON-ELIGIBLE SUBMISSIONS

The following issues do not qualify for bounties: Spam, social engineering, phishing reports, missing SPF/DMARC records, Clickjacking on non-sensitive pages, and Denial-of-Service (DoS) attacks.

How to Submit a Report

When reporting a vulnerability, please provide reproduction steps, potential impact, and any relevant screenshots or code snippets.