Hemnet believes in responsible disclosure and in open communication with the security community. We take our visitors and customers security seriously and will respond swiftly to fix verifiable security issues as part of our responsible disclosure program.
If you are the first to report a verifiable security issue under our program, you will be eligible for a monetary reward.
Anyone who doesn't work for Hemnet or partners of Hemnet can participate in the program.
We encourage anyone to report security issues to [email protected]
The program scope includes the domain hemnet.se and all subdomains not listed as excluded below.
The following subdomains are excluded (out of scope) from this program:
The following issues are excluded (out of scope) from this program:
Please don't knowingly perform research that could impact other users or the availability of our service. When submitting a report, please keep it short and succinct. If we fail to understand the issue you have reported, we will ask you for clarification.
Hemnet reserves the rights to discontinue the reward program without previous notice at any time.