Responsible Disclosure

Our commitment

SafeStack welcomes responsible disclosure. If you believe you’ve found a security issue, we appreciate your help in reporting it responsibly.

How to report

• Email: security@safestack.cc
• Include steps to reproduce
• Include affected URL(s) and what you observed
• Proof-of-concept is welcome (no exploitation)

Guidelines

• Do not access or modify other users’ data
• Do not perform denial-of-service attacks
• Do not use social engineering
• Give reasonable time for investigation and fixes

No bug bounty

SafeStack does not currently offer a paid bug bounty program. Valid reports may be acknowledged publicly (with your permission).