Responsible Disclosures
layout: legal-single
Security Disclosure Policy
At LootLocker, we take the security of our platform seriously. We appreciate the efforts of security researchers who help us identify vulnerabilities.
Reporting a Vulnerability
If you discover a security vulnerability, please report it to us at:
Please include:
- A description of the vulnerability
- Steps to reproduce the issue
- The potential impact
- Any proof-of-concept code (if applicable)
Our Commitments
- We will acknowledge your report within 48 hours
- We will investigate and keep you informed of our progress
- We will not take legal action against researchers who follow responsible disclosure practices
- We will credit you in our security acknowledgements (if desired)
Out of Scope
- Denial of service attacks
- Social engineering
- Physical attacks on infrastructure
- Issues in third-party services
Thank you for helping keep LootLocker secure.