[{"id":3765162,"new_policy":"# Disclosure Policy\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":"Cloud Software Group looks forward to working with the security community to find vulnerabilities and keep our businesses and customers safe.","platform_standards_exclusions":["{\"platform_standard\":\"THIRD_PARTY_COMPONENTS_FOR_HACKERS\",\"justification\":\"Third Party Component Vulnerabilities and Misconfigurations are out of Scope\"}","{\"platform_standard\":\"LEAKAGE_SENSITIVE_PII\",\"justification\":null}","{\"platform_standard\":\"THIRD_PARTY_COMPONENTS_FOR_PROGRAMS_CONSUMING_THE_COMPONENT\",\"justification\":\"Third Party Component Vulnerabilities are out of Scope\"}"],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-10-27T06:26:12.651Z"},{"id":3764664,"new_policy":"# Disclosure Policy\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":"Cloud Software Group looks forward to working with the security community to find vulnerabilities and keep our businesses and customers safe.","platform_standards_exclusions":[],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-10-15T12:30:46.142Z"},{"id":3764644,"new_policy":"# Disclosure Policy\n* As this is a Public program, please do not discuss about any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":"Cloud Software Group looks forward to collaborating with the security community to identify vulnerabilities in NetScaler and keep our business and customers secure","platform_standards_exclusions":[],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-10-15T06:51:03.604Z"},{"id":3764643,"new_policy":"# Disclosure Policy\n* As this is a Public program, please do not discuss this program or any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":"Cloud Software Group looks forward to collaborating with the security community to identify vulnerabilities and keep our business and customers safe","platform_standards_exclusions":[],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-10-15T06:46:18.759Z"},{"id":3764642,"new_policy":"# Disclosure Policy\n* As this is a Public program, please do not discuss this program or any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":"The Cloud Software Group looks forward to working with the security community to find vulnerabilities and keep our businesses and customers safe.","platform_standards_exclusions":[],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-10-15T06:37:22.777Z"},{"id":3762621,"new_policy":"# Disclosure Policy\n* As this is a private program, please do not discuss this program or any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.\n* Follow HackerOne's [disclosure guidelines](https://www.hackerone.com/disclosure-guidelines).\n\n# Program Rules\nPlease provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.\n* Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.\n* When duplicates occur, we only award the first report received (provided it can be fully reproduced).\n* Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.\n* Social engineering (e.g., phishing, vishing, smishing) is prohibited.\n* Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.\n* Ask the program team **before submitting vulnerabilities on unscoped subdomains**\n* Only interact with accounts you own or with the explicit permission of the account holder.\n\n# Test Plan\n==**[Insert unique plan if applicable, example language below]**==\n* Users can sign up for a free account through our website\n* Please use your **hacker email alias** when testing (h1username@wearehackerone.com)\n* Claim credentials (when applicable) for additional testing\n\n# Session Layer: HTTP Headers\n==**#### [Include if you’d like to better identify incoming hacker traffic]**==\nResearchers should add headers to requests such as:\n* “X-HackerOne-Research: [H1 username]”\n\nThank you for helping keep CSG and our users safe!\n","has_open_scope":null,"pays_within_one_month":null,"protected_by_gold_standard_safe_harbor":null,"protected_by_ai_safe_harbor":null,"disclosure_declaration":null,"introduction":null,"platform_standards_exclusions":[],"exemplary_standards_exclusions":[],"scope_exclusions":[],"timestamp":"2025-09-11T12:15:35.116Z"}]