Security / Vulnerability Disclosure Policy
Last updated: March 30, 2026
Raider.IO welcomes good-faith security research and responsible vulnerability disclosure. This page explains how to report security issues to us and what we ask researchers to do while validating a potential issue.
This is a vulnerability disclosure path, not a paid bug bounty program. We do not offer guaranteed compensation, rewards, or bounty payments for submitted reports, and submission of a report does not create any expectation of compensation.
Raider.IO does not engage with reports that intentionally withhold vulnerability details or request payment prior to full disclosure.
How to Report a Security Issue
Please report suspected vulnerabilities by emailing security@raider.io.
Please include as much of the following as you can:
- The affected URL, feature, workflow, or service.
- Clear reproduction steps.
- The security impact you believe the issue has.
- Screenshots, logs, or a proof of concept when it is safe to share them.
- Your contact information if you want follow-up.
What You Can Expect From Us
- We aim to acknowledge receipt within 5 business days.
- We will share status updates when practical.
- We may ask follow-up questions if we need more detail to validate or remediate the issue.
Response times and resolution are not guaranteed and may vary depending on the nature and complexity of the report.
Good-Faith Testing Expectations
While researching a vulnerability, please:
- Test only what is necessary to confirm the issue.
- Do not access, alter, or retain more user data than is reasonably necessary to demonstrate the issue.
- Do not use social engineering, phishing, physical intrusion, spam, denial of service, or destructive testing.
- Do not establish persistence, plant payloads, or exfiltrate data.
- Stop and report immediately if you encounter sensitive data that you were not intending to access.
Coordinated Disclosure
Please give Raider.IO a reasonable opportunity to investigate and remediate a reported issue before public disclosure. Do not publicly disclose the vulnerability before coordinating with us unless we explicitly agree otherwise.
Scope
The following Raider.IO-controlled targets are generally in scope for this policy:
- raider.io
- classic.raider.io
- era.raider.io
- raiderioapp.com
- keystone.guru
- Other web properties and services that Raider.IO clearly presents as Raider.IO-controlled
The following are generally out of scope for this policy:
- Third-party vendors, platforms, or services that Raider.IO uses
- Issues that belong to a vendor unless the vulnerability is caused by Raider.IO's integration or implementation
If you are unsure whether a target is in scope, ask before testing it.
Safe Harbor
If you make a good-faith effort to follow this policy, we will treat your research conducted in accordance with this policy as authorized. This statement is intended to support coordinated security research, does not apply to activity outside this policy, and is not legal advice.

