Do not violate our privacy policy when conducting testing
Disclosing the vulnerabilities publicly, performing testing on customer accounts, causing disruption to our production environment are against our responsible disclosure policy
Please include the following details in your disclosure
Summary of the vulnerability
URL / Location of the vulnerability
Detailed description
Any attachments / Screenshots
We will acknowledge your disclosure within 48 hours
Based on the severity of the issue and the impact on the customer data, the vulnerability will be prioritised and fixed