At vidaXL, we consider the security of our systems a top priority. But no matter how much effort we put into system security, there can still be vulnerabilities present. If you discover a vulnerability, we would like to know about it, so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our clients and our systems.
For us it is important, that our whole webshops are being checked extensively (like homepage, product listing pages, product detail page, cart page, myaccount pages, login page, checkout page, thank you page, etc. and the different functionalities on them (f.e. loyalty programme, payment service provider, etc).
Please take into account the following rules:
Only use the following 3 EAN's when placing test orders
(f.e. www.vidaxl.xx/e/8718475559313) (in case of violation, no bounty can be awarded). These are product EANs for products you can use to test.
Note: not all EANs are avaiable on all webshops, as assortment can be different per webshop.
Shared codebase disclaimer:
All shops (TLDs) in scope use the same code-base and backend. If a specific issue has already been found in another vidaXL shop the report will be regarded as a duplicate.
For Salesforce assets, the following rules apply: https://help.salesforce.com/articleView?id=000356579&type=1&mode=1
Thank you for browsing our pages and helping protect our shop and our customers!