Security is core to our values and we take it very seriously. We appreciate the input of security researchers acting in good-faith to help us maintain a high standard for the security and privacy of our users, which includes encouraging responsible vulnerability research and disclosure.
If you're a security researcher and have discovered a vulnerability, please send a report to [email protected] Please give us a reasonable amount of time to replicate and resolve the vulnerability before disclosing the vulnerability to the public or to other parties. We typically reply within 24 hours if a vulnerability is deemed critical.
Thank you for your time and effort and for helping us keep our users and their data safe!