We take the security of our systems seriously, and we value the security community. Responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our users.
If you believe you’ve found a security vulnerability in our software please email it to firstname.lastname@example.org. It will be very valuable to us, if you can include the following details in your email submission:
We will usually respond with an acknowledgement within 96 hours. If you do not receive any response from us the issue may have already been reported or the description provided by isn’t understandable. We request you to adhere to the principles of responsible disclosure which are, but not limited to
Taking into consideration the safety of our customers/users please do not publish any security vulnerabilities. We expect to fix all security issues within 30 days from the date of the reported security issue. Once an issue has been fixed we will explicitly acknowledge this and at which time you are free to publish your work.
You may receive recognition and/or a reward depending on various factors like :
If you prefer to remain anonymous, we encourage you to use pseudonym when reporting.