Report a Vulnerability
Found a security issue? We appreciate responsible disclosure. Contact us at [email protected] with details.
What we're looking for:
- Authentication/authorization vulnerabilities
- Data exposure issues
- Injection vulnerabilities (SQL, XSS, etc.)
- Server misconfigurations
- Cryptographic weaknesses
2025
🎯 Be the first to be recognized!
No vulnerabilities reported yet in 2025.
Guidelines
| Severity | Examples | Recognition |
|---|---|---|
| Critical | RCE, SQL injection, auth bypass | Name + Company + Link |
| High | Stored XSS, privilege escalation | Name + Company |
| Medium | Reflected XSS, CSRF, info disclosure | Name |
| Low | Minor misconfigurations | Name (upon request) |
Rules of Engagement
- Do not access, modify, or delete data that doesn't belong to you
- Do not perform denial of service attacks
- Do not use automated scanners without permission
- Give us reasonable time to fix issues before disclosure (90 days)
- Provide detailed reports with steps to reproduce
- Use your own test accounts only
📧 Contact: [email protected]
🔐 PGP Key: Download