Scope Updates
Recent changes to bug bounty program scopes.
| Change | Asset | Category | Scope | Program | Platform | Time |
|---|---|---|---|---|---|---|
| Added | any issues with wallet or kyc features (there are third party services) | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | vulnerabilities reported on other services or applications are not allowed | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | *.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | encrypt.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | dm.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | techops.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | cmsdev.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | fiat.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | wp.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | webdev.dana.id | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | all domains or subdomains not listed in the above list of 'scopes' | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | everything which is excluded on this page is also out-of-scope: https://logging.apache.org/security.html | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | jsp tag library | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | couchdb components | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | kafka appender | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | cassandra appender | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | anything related to mailing lists or other asf infrastructure topics | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | https://logging.apache.org | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | dataleaks or 3ds outscale-related vulnerabilities outside the scope of the iaas cloud service | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | e-mail server configuration (dkim/spf/dmarc) | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | same behavior as amazon web services | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | issues not leading to confidentiality, traceability or integrity problems. you can report it to [email protected] | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | vulnerabilities on products or services other than cockpit or apis | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | denial of service attacks | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 | |
| Added | attack against outscale offices (malware, backdoor, dos, etc.) | OTHER | Out of Scope | YesWeHack | 2026-02-21 00:33 |