TENCENT WEIYUN EXPANDRIVE FREE
Feel free to contact us if you have any questions.Please take note that any form of vulnerability disclosure prior to consent from Tencent may result in disqualification from the bug Bounty program. The disclosure should be under the authorization of TSRC.In order to protect user privacy, it is strictly forbidden to publicly disclose the vulnerability prior to the report being closed and the vulnerability being fixed.When testing, you must use your own test accounts in order to respect our users’ privacy, especially those which may compromise the privacy of others.Accessing private information of other users, performing actions that may negatively affect Tencent users (e.g., spam, denial of service), or sending reports from automated tools without verifying them will immediately disqualify the report, and may result in additional steps being taken.The vulnerability must demonstrate security impact to a site or application in scope (see Scope below).Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.Submit one vulnerability per report, unless you need to chain vulnerabilities to provide impact.If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward. Please provide detailed reports with reproducible steps.
You must be the first reporter of the vulnerability.However, only reports that meet the following requirements are eligible to receive a monetary reward: Any design or implementation issue that is reproducible and substantially affects the security of Tencent users is likely to be in scope for the program.