Reporting
Potential security vulnerabilities should be reported privately to privacy@freelug360.com, with “Security Report” in the subject line.
Please include
- A clear description of the issue.
- The affected page, service or component.
- Steps that allow the issue to be reproduced.
- Potential impact.
- Relevant screenshots or technical details.
Responsible conduct
Please:
- Avoid disrupting services.
- Do not access unnecessary personal or confidential information.
- Do not modify or delete information.
- Allow reasonable time for investigation before disclosure.
Review process
Reports are assessed according to potential impact, reproducibility and relevance. Valid reports will be acknowledged within a reasonable period where practicable.
Limitations
This policy does not authorise unlawful access, denial-of-service testing, social engineering or physical-security testing.