We appreciate you reporting security issues and believe in transparency and collaboration to protect our systems and users.
- Report your findings as soon as possible via email to rayelnabie@gmail.com.
- Encrypt sensitive information where possible (e.g., using PGP or S/MIME).
- Do not abuse the vulnerability, for example:
- Only download data necessary to demonstrate the issue.
- Do not modify or delete any data.
- Be extra cautious with personal data.
- Do not share the vulnerability with third parties until it is fixed.
- Do not perform attacks such as social engineering, denial-of-service, malware distribution, or spam.
- Provide sufficient details to reproduce the issue, such as URLs, IP addresses, and a clear description of the vulnerability and your steps.
- I will respond within five business days after receiving your report.
- I will handle your report confidentially.
- I will keep you informed of the progress.
- You may report anonymously or under a pseudonym.
- I will credit you as the discoverer if you wish.
- Trivial bugs without potential for exploitation.
- Vulnerabilities in third-party managed platforms or services.
- General web server or network settings outside our website.
- Known and accepted external risks.
- Respect privacy and data confidentiality.
- Always act in good faith and within the law.
- Avoid causing damage or service disruptions.
For reports, please use the above email address.