Security / Bug Report Form
If you are a security researcher that has found a vulnerability in a Simwood service we want to hear from you. If your vulnerability report affects a service in a way that is within scope of our bounty program, you may be eligible for a bounty award. Submissions that give details of how to reproduce a vulnerability are preferred as they may make it faster for us to resolve any issue.
Simwood will make a reasonable judgement as to whether a report qualifies for a bounty, and the level and type of that bounty.
Services and domains in scope:
Submissions will not be accepted for:
xmlrpc.php theoretical vulnerabilities
Sites hosting third party services
Please submit your report as soon as you have discovered a potential security issue. Please be succinct. If your research is working on production services you must not violate customer privacy, destroy data or do anything to cause an interruption to services. If in doubt, do not proceed and please contact us. You must not disclose the details of your report to 3rd parties.