Unqork is in the business of developing secure no-code solutions. We appreciate any effort done by security researchers to discover and responsibly disclose potential vulnerabilities. Depending on the severity of the issue, we may elect to provide a reward or add your name and social media contact to our hall of fame.
If you would like to report a vulnerability in one of our products or services, or have security concerns regarding Unqork software or systems, please email psirt@unqork.com.
To support a timely and effective response to your report, please include the following:
Unqork takes all vulnerability reports very seriously and aims to rapidly respond and verify the vulnerability before taking the necessary steps to address it. After an initial reply to your disclosure, which should be directly after receiving it, we will update you periodically with our response and remediation status.
Vulnerabilities associated with the below domains or the Unqork No Code Platform is within scope.
Download Burp Configuration File (2 Domains) – Last Updated: 07/13/2022
Below are the list of vulnerabilities that generally qualify to receive a reward or hall of fame:
Testing should not be conducted against any of our customer environments or against our employees. If there is any evidence of malicious activity, we reserve the right to reject any recognition or rewards associated with the report. Do not perform automated scans against the environments in scope, any findings from automated scanners are not in scope.
Vulnerabilities associated with the below domains or the Unqork No Code Platform is not within scope.
Security issues related to Unqork-owned domains/properties that we have already assessed for risk and will address in future are generally out of scope and include the following:
It is highly recommended to use Unqork’s PGP key to send reports to us. Below is our public key:
BEGIN PGP PUBLIC KEY BLOCK
xsFNBGLYNsUBEADeRaQQJR0H6Zyjm3MMSoNX5ZsbjR38kVQ0wJINVk3a13b6HQ+m6NWVS2HzbR5GtsWZIiy4JjhmD7e+hqMhSr10hEX9GKhO46HO/uuy943Ao+E4529CpRe/POKU1Tj5htgauCfq2eMqswRHej20wCF/ctRjA+inSFh5MgmTUOLtsJZt/PjU5HSwDI1YyqJnwhl04IgwUQe+5jA0an0W3cFlh6J+p8Q8D55vEIhGHnGRh/Rkr8Zue21yTAvhC7TqhOCmfUaXcUQse5/rsYGsEC+LmPantYWoel8ca3W9p/gPcOI60roU7fXtiHWV8h++lzZMwX8wK45+d817IWKsl5ZuyIRAnfvu4ph66LoAEXGrU6sv/sW8LsCdkizhvi9kypPciaQ3K+KAhIhg7gkKM0EdA6lvph2YmXDaKpMzJgk6RSZRHObFBy9lg7p7T7UhhIvAIhAG/mJ4IYflpLrwuGivinKO9aN5WBTXUamPG0aFrUvEN6jE7sXyVW6a+TWycJe3Nb5yUqnmT+QOoYX4ftKtpneU97opwo1YinvNC3LmC51xEu9TuUXnMntmFaLoNV1l9AWXVkq3z96bVjFlfuBWPYxTva3NXvIy+CxNLzw8+bnvKzvqREGlDtWsSHoGUnpIAs0SNgmf7L/Rhx/XmMu6ONa2YYDjHpNarljRBNEIJwARAQABzSNQcm9kdWN0IFNlY3VyaXR5IDxwc2lydEB1bnFvcmsuY29tPsLBigQQAQgAHQUCYtg2xQQLCQcIAxUICgQWAAIBAhkBAhsDAh4BACEJEB00CcQVQjGMFiEESdsg76MjLYHgSE/7HTQJxBVCMYzlQA//Q2jq1oNvxRsew52iX9RQE2uWiq1UQ1jFkzp04fy84UeGIfTYRKckKiEfkJSNi6UhKTNdNi+EyOIuKEPaK71cwC3KjTumfR+67XNtTTcers7armYkY03FDRMAFiAnG6gJs4Gaf5E6t/wvEmqd7eSP6v0lNi9J9wihK2ZBcJSVHf+07nWG3dyS8wBNxQVfxtKNTE2S7OsjV9aE/aJz+f0XUSPpBvozeQgI/GiOz0zaarke2TYPMOtZsI+pGxFIRb5nXg1SGdTQIoRULzTzQAe8I2uB3tXC3R0lSOI84T9857TDMsGYH43PhPzAnY9L2dKM1GYXUobvoeAHCWgGHsDBR2LUnJNeE5RaeyTyHuNCjpMhBoHtK5Tv+xGNuAg28iDVRqfdqp/CtfQ5HDFZMfGgXjbioh6pLwbtS83j1IiBT6zTzAXTMabwIIVYkKNV8rZ71FSrFfXMxZhMw4+Fj/EcY10bQwDWzNPH8LJej00K336fY/oXmpdiWf8gqU8Jn4PvRhdzKqdT6JWLZQFo6hUUtSF65WAHLaWZXpqnwvteX5LCxe31B6P1ySMdfjZIvksqVjRRkNRGy5fMcH0WEqVJ3WOK1G2KkFyDz+ifY5GbbAxCtH6kDNPxpMiyQAA+pRRvIwi3HZFE8/dv6WN6s65S719U9x2iES265RtDWuDa2NbOwU0EYtg2xQEQALw3p70XcpSMvijMeI7ZtIITJzWEKwA5t4LVUWOrzum7mYFJNG4wlmsnIKTd2087x9ANJTwdmzhHjyBnHmmQEwEDiyg5txXgo7cZiikV/0AwvdYqwfnw+o73gd9A1ak6aXhLqXDdCpaqyJE4akqXUuRqO2KxE8rG/6uaoIKnr8WvvMAFBPrRUtilXSfJ19kwTi6vwB9TE65o1yfc4vzqXqDs6V1bH3HQ45mX/KV4lXf8sHY3LQdnsV2TefSQp+vGVgkYmZwC95dtWIMX6R+JfIHEypgiOmfJqy3JjuMn9PultEbpwzPgSpo5ogPah+YNmT12tN1COkj4hz3O67gi3LHIvm7ca2XUV7MsqGAIgi/DncZNdn6xnAGBgHmkJrhJq3IETELWpCGDsBzdpYFzlTM/IfEjaLYO1/uTgR6R8zVBZTDWcaLXKZ0vxsOUZUi/eoIBVtF4BL1+CALIwvLUs7tXNhRB9+Fi4HhzB/yxcW2et90djbK0YqTmU4CYNzKXIWRzSe5JrRj/QhlIr6b3g823Lwc/fZjNqBks4JLVYoxhGI4v+Q8GZ1zKfuXJGJvIvHyUSh6y8wqeD2UjqSvwph8doz3/YuF7faHJYPfng8ZD7ZIil8xS6w2A9YG+fBXZlqHvQAi+vcG0AKRkB0LY3n4O6kWHvFbcVvHFGqVzwX1ABEBAAHCwXYEGAEIAAkFAmLYNsUCGwwAIQkQHTQJxBVCMYwWIQRJ2yDvoyMtgeBIT/sdNAnEFUIxjOy/D/4nM34OuwFmDv3GRq5VBAAq8UEoBKvdPpVsw27IMFqMQxCkBjNH5ZasYqc+4evktqjdM/1Li2DS8p/ZUMRCMWRcoX1/CzAaGNJMnEZmCiHu84aTwnNLxve4ehGhcXMlckRx//tt6HURzq9f/i6oMZLc6xIAMQb9mvMq9aG1clyGkHW+SR1o9l3b7H37+a4eXnZa7OaoayBLYIGV8kBooZUREQAmcjAHB8bM3jJ4seKYgLaEqf5BpC0N7oSrce4UC0SC0Gjg7WUbRXVRWmBipV4xsA6ukgS0kXofXSovPSmt/z4Spp2rmjLfzj4mHuRApu278tp4wVeh3BnHjwCWlCp9SemLodHw1Za0LOmRWhsV4dfp+kwO/fuDerwsX3LhaQ5JOSXIPxmTVjeub1weEJ6Cq2AANfP4tGlWkCQw2d+j+lHry6F92EQ2suAmi2zI0ayxP8v9jF44D1lziDnK8JvKvVBHtuN1Xk3vV5iGaLEAT08c5U+e3IY4tI/w5te+bNOjoyPapfQrYlMkXe2ZWYh0OOqrry1ebSR0bdNv3f3HgxjYq0JY5nhmuVX3la/m9lXNpZmjRlNOInhYN9qZWoSSVpQqAaSzF/bnXU5qU/l27Zv9quq8bWkfP2GWo2sjqwJorCrjIW/RD950hcZzPwJ1tL/rQkwd9GNYEx8YzRO0wg===FiVd
Thank you to all of our security researchers below for responsibly disclosing vulnerabilities with us: