Security researchers are vital to keeping our digital ecosystem resilient. If you have discovered a potential vulnerability on this domain, we encourage you to share it with us responsibly so we can help protect the affected party.

River Security acts as a third party responsible disclosure handler for this domain, and we will ensure that all valid reports are processed with care and urgency.

How to Report

Send your findings to:

[email protected]

Include the following details in your report:

1. Domain

The exact domain, subdomain or endpoint where you identified the issue.

2. Target

A clear description of the component or functionality you tested, such as an API endpoint, login workflow, file upload mechanism or business logic.

3. Impact

Explain the security risk your finding represents. Examples include account takeover, data exposure, privilege escalation, remote code execution, or business logic abuse. The more detail you provide about potential exploitation paths, severity and conditions, the faster we can triage.

What to Expect

Once your report is received, River Security will review the submission, validate the finding and coordinate with the appropriate stakeholders for remediation. We may reach out for additional clarification if needed.

We appreciate your cooperation and your commitment to improving security for everyone.