Solutions2Share’s vulnerability disclosure policy
We believe that responsible disclosure of security vulnerabilities is an important aspect of maintaining the security of our systems and protecting our users’ data. We welcome and encourage the responsible reporting of any vulnerabilities that may exist in our systems.
Scope
This policy applies to all products and services offered by Solutions2Share.
Reporting a Vulnerability
If you discover a security vulnerability in any of our systems, please report it to us by sending an email to support.solutions2share.net (english preferred). Please include a detailed description of the vulnerability, including the steps required to reproduce it, and any related information or documentation that may be useful in assessing the vulnerability.
Coordinated Disclosure
We will make every effort to promptly acknowledge receipt of your vulnerability report and to work with you to understand and address the vulnerability. We will also make every effort to keep you informed of our progress in addressing the vulnerability.
Disclosure Timeline
We are committed to promptly acknowledging and addressing reported vulnerabilities in a responsible manner. Upon receiving a report of a vulnerability, we will work diligently to investigate and understand the issue, and we will keep the researcher who reported the vulnerability informed of our progress. We appreciate your patience and cooperation as we work to address any vulnerabilities that are identified.
Protection of Researchers
We will not take legal action against security researchers who act in good faith and follow this policy in reporting a security vulnerability. We also request that researchers do not publicly disclose any vulnerabilities until we have had a reasonable time to address them.
Acknowledgement
We will acknowledge your contribution to our security and may publicly acknowledge your help unless you request otherwise.
Scope of Liability
Our organization will not hold researchers responsible for unintended consequences of their good faith security research, provided they comply with this policy.
Contact
For further information or to report a vulnerability, please contact support.solutions2share.net (english preferred).