Security of our user is extremely important for us. If you believe you have found a vulnerability, please create a support request with subject "Security Report" to report it. Before reporting make sure you follow the following rules and regulations.
If you find any vulnerability, report it right away. Do not attempt any escalation of those vulnerabilities. For example: if you find a SQL injection, simply send us the version number of our SQL Server. We do not need to see the DB name or DB data. We will analyze the impact of a vulnerability when necessary so escalation is not necessary.
What we are interested in:
We are not interested in following issues: