Introduction

At ScholarIQ, we prioritize the security of our learners, partners, and systems. We deeply appreciate the cybersecurity community’s efforts in helping us uphold these standards by identifying potential vulnerabilities. This page outlines the process for reporting suspected security issues related to ScholarIQ’s services or products.

Note: For issues unrelated to security, please visit our Contact Us page.

Rules of Engagement

We encourage responsible reporting to ensure vulnerabilities are addressed efficiently. Please follow these guidelines when submitting a report:

Finder Responsibilities

  • Language: Use English for all submissions.
  • Ethical Behavior: Handle personal data with care and refrain from harmful actions, including social engineering, denial-of-service attacks, physical interference, or spamming.
  • Proof of Concept: Include a detailed Proof-of-Concept or enough information to replicate the vulnerability. Provide the affected target, a description of the issue, and steps to exploit it. Complex cases may need extra details.
  • Minimize Disruption: Avoid exploiting the vulnerability in ways that interrupt ScholarIQ’s services or affect users.
  • Confidentiality: Keep vulnerability details private until resolved under ScholarIQ’s disclosure timeline.
  • One Issue per Report: Submit a single vulnerability per report, unless multiple issues must be combined to show impact.

ScholarIQ Responsibilities

  • Confidentiality: We keep all reports private and won’t share your personal information without permission, unless legally obligated.
  • Prompt Action: We strive to address all reports swiftly.
  • No Rewards Program: ScholarIQ does not offer a bug bounty or recognition program.

Reporting Non-Security Issues

For concerns not related to security, please use the support or contact options available on the ScholarIQ website.

How to Report a Vulnerability

When reporting a vulnerability, include as much detail as possible:

  • A clear explanation of the issue.
  • Steps to reproduce it.
  • Supporting evidence or a Proof-of-Concept, if available.

Please review our guidelines before submitting. Reports can be sent here.

Contact Information

We value your feedback and inquiries. For any questions or assistance, please reach out to us at:
Email: [email protected]

For more information or to get in touch, please visit our Contact Page.