Responsible Disclosure Policy
Scopebase welcomes reports from security researchers who identify vulnerabilities in our systems. We are committed to working with you to address issues responsibly and transparently.
How to Report a Vulnerability
Send an email to security@scopebase.org with the subject line Security Vulnerability Report. Include as much detail as possible:
Our Commitments to You
Out of Scope
The following activities are not covered by this policy and may result in your report being deprioritized or legal action:
Response Timeline
Safe Harbor
Scopebase considers security research conducted under this policy to be authorized access. We will not initiate legal action against you for conducting research in compliance with these guidelines.
If third parties initiate legal action against you for work conducted under this policy, we will make clear that your activities were authorized and conducted in good faith.
Acknowledgments
No acknowledgments yet. Be the first to responsibly disclose a vulnerability.
Report a Vulnerability
Email our security team directly. Do not report vulnerabilities through public GitHub issues or social media.
security@scopebase.org