We care about our security. All reports of vulnerabilities are investigated and feedback is sent to the reporter as soon as possible. We are particularly interested in hearing about vulnerabilities that impact the confidentiality or integrity of user information or systems, and have the potential to impact a large number of users.
If you find a vulnerability:
- Stop exploiting the vulnerability.
- Report it as soon as possible to: firstname.lastname@example.org
- Try to be as detailed as possible in the description. Please provide screenshots, scripts, payloads etc that can be used to exploit the vulnerability.
- Wait for us to fix the vulnerability before disclosing it publicly.
- If your email contains sensitive information encrypt it with our PGP key.
- Extensive penetration testing of our systems may lead to legal actions.
Key fingerprint = 4778 82F5 161A 97FF D06E F166 BFCD 587A B30B A567