If there is a vulnerability in the code of this domain (e.g. in one of the javascript files or the html files) always make sure you are viewing the latest/newest version and if the vulnerability could also be found there.
Although not necessary a 'vulnerability', you may also report it if you think there is a way to make the website/domain more privacy friendly.
If there is vulnerability in the code or a weakness you can choose between ways to let me know your findings:
- Use the template to report a bug and pick
otherin the menu below the question What kind of problem do you encounter? (if necessary you can also choosea bug); - Go to issues and fill in the form Report a security vulnerability
Descriptions that are to vague or to general will be closed and thus declined.
Normally, within two weeks you will get a response. This means that within two weeks you will get an updated on the reported vulnerability. I may ask you more details or to help with fixing the issue. If the vulnerability is not creating to much risk and/or a fix is not found easy, the vulnerability could also become declined. But as you never know if I will accept it or not, please always report it.