How to Report a Security Vulnerability
At Busbud, the safety and security of our travelers' data is our top priority. We appreciate the work of the security research community and welcome reports that help us improve our platform.
Reporting a Potential Security Issue
If you believe you have discovered a security vulnerability (such as an issue with password resets, data exposure, or technical flaws), please do not share these details through our general customer support chat or social media channels.
To ensure your report is handled securely and reaches our engineering team immediately, please send all technical details to:
What to Include in Your Report
To help our team investigate and validate the issue as quickly as possible, please include the following in your email:
Vulnerability Type: A brief description of the flaw (e.g., "Password Reset Link Disclosure").
Vulnerable URL: The specific page or API endpoint involved.
Severity: Your assessment of the impact (Critical, High, Medium, or Low).
Proof of Concept (PoC): Clear, step-by-step instructions or screenshots showing how to reproduce the issue.
Our Commitment
Once you submit a report to our security email:
Investigation: We will investigate the finding and determine the appropriate fix.
Confidentiality: We ask that you give us a reasonable amount of time to resolve the issue before making any information public.
Are You a Traveler Needing Help?
If you are having trouble logging into your account, need to change your password, or have questions about a booking, please Contact our Support Team here instead. Our security inbox is strictly for technical vulnerability reports.
Still have a question?
Just drop us a line here. Our expert team will get back to you.
Happy travels!