You Gotta Hack That (YGHT Ltd) takes security issues extremely seriously and welcomes feedback from security researchers in order to improve the security of its products and services. We operate a policy of coordinated disclosure for dealing with reports of security vulnerabilities and other issues.
To privately report a suspected security issue to us, please send an email to email@example.com, giving as much detail as you can including a proof of concept and perceived risks where these are appropriate. We prefer secure communication, but not to the extent that no communications are possible. We use PGP/GPG and our key is available to download on our contact page.
We will respond to you as soon as possible. If the suspected security issue is confirmed, we will then come back to you with an estimate of how long the issue will take to fix. Once the fix is deployed, we will notify you and recognise your efforts on this page.
We ask the following:
What we promise:
Unfortunately, at this time, we are not able to offer bug bounties, financial payouts or other tangible rewards. However, this page also acts as our hall-of-fame and will include acknowledgments for everyone who makes a report to us, has been confirmed as an issue, and where the issue has been resolved.