Last updated: October 13th, 2022
Repositax maintains a Responsible Disclosure Policy (RDP) scoped to particular assets as identified below. You can contact us for more information or to report vulnerabilities firstname.lastname@example.org.
Repositax’s Responsible Disclosure Policy covers the following products:
The scope of this policy may expand in the future as we add additional product capabilities and gain experience with this process.
Repositax will not engage in legal action against individuals who submit vulnerability reports to email@example.com in accordance with this policy. We openly accept reports for the Repositax products identified above. We agree not to pursue legal action against individuals who:
Submit vulnerability reports to Repositax’s Security Team via firstname.lastname@example.org.
Preference will be given to reports that meet the following criteria:
What you can expect from Repositax:
Repositax reserves the right to use a neutral third party to assist in determining how best to handle the vulnerability.