TaxDome wins Comprehensive Firm Workflow Solutions — CPA Practice Advisor Readers’ Choice Awards 2024. Read more

🔥 Join in-depth webinars to get up to speed on automations, invoicing and team collaboration. Learn more

Bug Bounty Program

Report a Security or Privacy Vulnerability

The TaxDome’s Bug Bounty Policy applies to security vulnerabilities found within TaxDome’s public-facing online environment.

Purpose

The purpose of the Policy is to establish the rules for the review, evaluation, application, and verification of system updates to mitigate vulnerabilities in the IT environment and the risks associated with them. If you believe you have discovered a security or privacy vulnerability in the TaxDome product, please report it to us.

Disabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.

Bounty Eligibility

Any security researcher is required not to take any destructive action that could result in:

  • Loss of data from other users
  • Denial of Service for other users
  • Add to any Block List

In case you suspect that a vulnerability of this kind exists, please report to the TaxDome development team here

Program Rules

Please note, we only pay fees for original reports. In case of a duplicate, we will inform you when the first report was registered.

Ineligible Reports:

  • Everything that is not under our control (third-party services)
  • Everything that requires physical access to device or network
  • Everything that requires outdated versions of software or hardware
  • Social engineering, phishing etc.
  • Recommendations and best practices, as long as there is no specific exploit

How to Report Security or Privacy Vulnerabilities?

  1. If you believe you have discovered a security or privacy vulnerability that affects TaxDome software, services, or web servers, please report it to us.
  2. We welcome reports from everyone, including security researchers, developers, and customers.
  3. To report a security or privacy vulnerability, please report to us here and include relevant videos, crash logs, and system diagnosis reports in your report.
  4. You’ll receive a reply from TaxDome to acknowledge that we received your report. We’ll contact you if we need more information.

Last updated September 12, 2024