Maintaining the safety and privacy of your data with PLACE is one of PLACE Engineering's top goals. If you are a security researcher (or any other perceptive user) and have discovered a security vulnerability in one of our products, please contact firstname.lastname@example.org. To report something particularly sensitive, you can use the PLACE Product Security PGP/GPG Key to encrypt your email. We consider reports to this address to be of the highest priority, and will investigate them as quickly as possible.
For all other concerns, please contact email@example.com.
For vulnerabilities reported to us in compliance with this disclosure policy, PLACE commits to validate, respond to, and fix vulnerabilities in a timely fashion and to not take legal or administrative action against responsible vulnerability reporters. PLACE reserves all of its legal rights in the event of non-compliance.
Please include the following in security submissions:
- Your email address
- Your full name
- Summary of issue (e.g., XSS on Page Foo, CSRF on Page Bar, SQLi in App Baz)
- Steps to reproduce the issue
As a special thanks to individuals who have reported previously unknown vulnerabilities of high or critical security, PLACE will maintain a list of credits on this page.