Project: Web App Security Audit (CIS Payroll Platform)

We need an independent application-layer security audit of a UK CIS payroll & HMRC submission web app.

www.paycis.co.uk

This is not a basic port scan — we already have infrastructure scanning.

Scope (high level): • Authentication & session handling • Role-based access control (user / admin / super-admin) • Privilege escalation & IDOR • CSRF, XSS, injection risks • Admin / super-admin isolation & audit logging • Light review of existing vulnerability scan & TLS config

Deliverables: • Clear statement on any critical/high-risk issues

Notes: • UK-based SaaS • HMRC/CIS context

Please respond with: • Example reports (if available) • Fixed price & timeframe

Budget: GBP 100 (Fixed Price)

Proposals: 23 freelancers have applied