Introduction

We now expand the Bug Bounty Program to include security bugs. It's designed to make our product and service more stable and reliable and reward those who help us in this endeavor.

File Storage Reward

Starting from 2012, we began to receive reports from our customers about file corruptions. We've been told that, after saving a file and closing XMind application, that file will not be opened any more. Although only a few people met this problem, the loss of user data is definitely intolerable for the XMind team, not to mention our customers. Frustratedly, neither the reporters nor the XMind team have been able to reproduce this bug. It seems to happen in an unpredictable manner and at random moments.

During the past time, we have done many improvements to the file storage architecture, like automatic backup to Black Box, etc. Now that we receive fewer of this kind of reports recently, we still want to know why it happened. To resolve it completely and offer a more stable, professional-level product, we decide to pay "USD 5,000" for people who can help us with this file corruption issue. Below are the details of this issue.

What you should do:

For understanding what consists an XMind file, here is a reference of XMind File Format.
If you would like to start from the source, you can download a copy of XMind source code.

Security Reward

Security is always a very important subject, both for websites and desktop applications. In fact, we do have received some issue reports about security even before we began this bug bounty program. We want to say "Thank you all very much!" And we believe it's the time to run this security reward now. We will contact people who is the first one submitting a specific issue and offer the reward.

Considering that security vulnerabilities may be used by malicious attackers, we decide not to list known issues publicly. However, you can still submit the report and when we receive it, we will check and confirm if or not what you submit is a new issue. Of course, we can share more details about that reported issue privately. Beg your understanding.

Other Bugs

Issues other than the above categories should not be submitted here, but to our support center. We also have a developer forum for those who are interested in contributing to XMind application. Although there is no reward plan for normal bug reports, we sincerely appreciate all your work that helps making XMind products better.

General Guidelines