"CyRAACS takes the security of its systems very seriously. As part of our commitment to maintaining the highest levels of security, we encourage responsible disclosure of any vulnerabilities that may be discovered in our systems. If you believe you have found a serious security vulnerability on any of our applications, we appreciate your help in letting us know responsibly. This policy outlines the guidelines for responsible disclosure of vulnerabilities.
Reporting a Vulnerability: If you believe you have found a vulnerability in any of our systems, we encourage you to report it to us as soon as possible. You can do this by sending an email to [email protected]
Please provide us with as much information as possible about the vulnerability, including a detailed description of the vulnerability, steps to reproduce it, and any other information that may be useful for us to understand the impact of the vulnerability. Please provide us with a proof-of-concept or exploit code that demonstrates the vulnerability. Please do not publicly disclose the vulnerability, this will violate the confidentiality clause.
• Do not engage in any activity that could harm our systems or our customers.
• Do not publicly disclose the vulnerability until we have had a reasonable amount of time to investigate and remediate the issue.
• You will protect our users' privacy and data in good faith. You will not access or modify other user's data without our permission.
• You will ensure that no disruption is caused to the production systems, degradation of user experience and destruction of data during security testing.
• Do not attempt to access any system data, or confidential information beyond what is necessary to demonstrate the vulnerability.
• Do not attempt to exploit the vulnerability to access, modify, or delete any data.
• Do not demand compensation for reporting the vulnerability.
We value the contributions of security researchers and are committed to working with the community to maintain the highest levels of security for our systems. Thank you for your assistance in keeping our systems secure."