How to disclose
Step 1. Include the following information in your report.
- Code or proof of concept so we can reproduce the vulnerability
- Description of the vulnerability
- Your name/handle: In order for us to give you proper recognition if you wish.
Step 2. Use the following PGP keys when submitting sensitive information.
- PGP: 4B40 A37E D0BB 0775 EA91 0A31 684B DEA7 EF01 480E
After your submission, we will follow up with you as part of the review process. Once we have determined that you have found a security bug, we will give you recognition for your work as part of our “Hall of Thanks” (if you desire) and allow you to claim your bounty reward.
Please read the details for full requirements on how to be eligible for the bug bounty program.