Vulnerability disclosure program
Thank you for reaching out regarding a potential vulnerability in our systems. We appreciate your proactiveness in reporting this.
Please note that we currently have a closed bug bounty program hosted on Intigriti, which is by invitation only. To ensure the most efficient handling of your report, we kindly request that you provide us with your Intigriti account if you are already a member.
If you are not yet an Intigriti member, we invite you to create an account on their platform. Please ensure that you complete the identity verification process to be eligible for our bug bounty program.
We only accept vulnerability reports from identity-checked researchers located in Europe.
Once we have received your Intigriti account, we will be happy to extend an invitation to our private bug bounty program.
If you prefer not to create an Intigriti account or if your report does not meet the eligibility criteria for our bug bounty program, we will treat your submission as a responsible disclosure. Please be aware that responsible disclosures, submitted outside of our bug bounty program, are not eligible for bounties.
Intigriti accounts and responsible disclosures can be sent to vdp@flexmail.eu.
Thank you again for your contribution to our security efforts.