Effective Date: February 24, 2021
We take the security of our systems seriously, and we value the security community. Responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our users.
A security vulnerability is a weakness in the defenses of our services that may compromise the safety of our systems. Security researchers and others who become aware of potential vulnerabilities should make a report using the submission instructions below.
We encourage anyone who believes they have discovered a potential vulnerability, or who has become aware of unauthorized access to confidential CMW Lab data (including customer data), to inform us immediately to help protect our customers and to improve and strengthen the confidentiality, availability and integrity of our systems.
We promise to:
CMW Lab does not offer a bug bounty program or compensation for disclosure.
If you believe you’ve found a security vulnerability in our software please contact us. It will be very valuable to us, Reports should include the following information:
Taking into consideration the safety of our customers/users please do not publish any security vulnerabilities. We expect to fix all security issues within a reasonable amount of time days from the date of the reported security issue. Once an issue has been fixed we will explicitly acknowledge this and at which time you are free to publish your work.