
Responsible Vulnerability Disclosure

Report security vulnerabilities to help us maintain a secure platform. Learn how to disclose potential issues responsibly and protect our community.

Product Security

We are committed to ensuring the safety and security of our platform and protecting our users from fraud and other forms of harm. We greatly value the efforts of security researchers, analysts, and ethical hackers who work to identify and responsibly disclose potential vulnerabilities. Your contributions help us maintain a secure environment for all users.

What Can Be Reported?

We welcome reports of security vulnerabilities or flaws in our products or services. Common examples include, but are not limited to:

  • Cross-site scripting (XSS) vulnerabilities
  • SQL Injection
  • Authentication or authorization flaws
  • Remote code execution
  • Server-side request forgery (SSRF)

While we appreciate all reports, the following issues are considered out of scope and generally not eligible for rewards:

  • Self XSS errors
  • Text injection or local DOM manipulation
  • Email spoofing issues
  • Path disclosure from descriptive errors
  • Fingerprint, IP, or banner disclosure of public services
  • Non-critical Cross-Site Request Forgery (CSRF) issues
  • Rate limiting, Denial of Service (DoS), or Distributed DoS (DDoS) failures
  • Mixed SSL content warnings
  • Physical, social engineering, or phishing exploits
  • Non-sensitive file disclosure (e.g., robots.txt, .gitignore)
  • Brute force issues on non-sensitive endpoints

How to Report a Vulnerability?

To report a vulnerability, please send detailed information to our security team at security@rentalsource.com or use the form on our Contact Us page. Please provide as much detail as possible, including steps to reproduce the vulnerability, potential impact, and any recommended mitigation.

We strive to respond to all vulnerability reports promptly. Once we receive your report, we will acknowledge receipt, investigate the issue, and inform you.

Guidelines for Responsible Disclosure

  • Do Not Exploit: Please do not exploit any vulnerabilities you discover for personal gain or to disrupt our services.
  • No Modification of Data: Do not modify or delete data on our systems without permission.
  • Avoid Service Disruption: Do not perform any actions that may negatively impact the availability or reliability of RentalSource services, including denial of service attacks or rate-limiting bypasses.
  • Allow Time for Response: Please give us reasonable time to address the issue before any public disclosure.
  • Respect Privacy: If you report anonymously, we will respect your privacy and not disclose your identity without your consent.

Anonymous Reports

While we accept anonymous reports, we encourage you to provide a way for us to contact you for follow-up details or to discuss potential rewards. If you choose to remain anonymous, please include a secure method of communication.

Recognition and Rewards

We value the contributions of those who help us maintain safety and security. Depending on the severity and impact of the reported vulnerability, we may offer recognition through public acknowledgment, certificates of appreciation, or other rewards. If you prefer to stay anonymous, we will fully respect your choice.

Ashley Morgan - Founder & CEO
“We prioritize security and appreciate responsible vulnerability disclosures that help us protect our platform and community.”