Description

Moralis is a blockchain technology platform providing developers with backend infrastructure for building and scaling decentralized applications (dapps). This page is a safe way for you to communicate found bugs in a responsible way. All contributions are highly appreciated.

Bounties

Responsible disclosure

Rules of engagement
Not applicable
Not applicable
Not applicable
Not applicable

By participating in this program, you agree to:

  • Respect the Community Code of Conduct
  • Respect the Intigriti Terms and Conditions
  • Respect the scope of the program
  • Not discuss or disclose vulnerability information without prior written consent (including PoC's on YouTube and Vimeo)
Domains

*.bigmoralis.com

No Bounty
URL

*.grandmoralis.com

No Bounty
URL

*.moralis.io

No Bounty
URL

*.moralisapp.com

No Bounty
URL

*.moralishost.com

No Bounty
URL

*.moralisweb3.com

No Bounty
URL

*.usemoralis.com

No Bounty
URL
In scope

We at Moralis are fully commited to ensuring the highest security for our clients and partners. Working together with the security research community is an important part of our mission to ensure the security of our services. If you have information about a vulnerability in a Moralis website or web application, we want to hear from you!

This Vulnerability Disclosure Form is a safe channel where you can share your findings in case you have discovered a critical vulnerability.

Out of scope

Domains

Application

  • Session not expiring after password reset
  • Weak password policy
Severity assessment

This program follows Intigriti's contextual CVSS standard

FAQ

Where can we get credentials for the app?

You can self-register at https://moralis.io. Please use your intigriti.me account.

Can I get a paying account?

No, in this VDP we are not providing paying accounts.

All aboard!
Please log in or sign up on the platform

For obvious reasons we can only allow submissions or applications for our program with a valid intigriti account.

It will only take 2 minutes to create a new one or even less to log in with an existing account, so don't hesitate and let's get started. We would be thrilled to have you as part of our community.

Researchers
last contributors
logo
logo
logo
logo
logo
logo
leaderboard
logo
logo
logo
logo
logo
logo
Overall stats
submissions received
26
average payout
N/A
accepted submissions
16
total payouts
€1,500
Last 90 day response times
avg. time first response
< 16 hours
avg. time to decide
< 2 days
avg. time to triage
< 24 hours
Activity
10/6
Moralis
closed a submission
10/6
Moralis
accepted a submission
10/6
Moralis
accepted a submission
10/6
Moralis
accepted a submission
10/6
Moralis
closed a submission
10/5
logo
created a submission
10/4
logo
created a submission
10/4
logo
created a submission
10/4
logo
created a submission
10/2
Moralis
accepted a submission