Please contact us in https://elisa.fi/en/vulnerabilities/ We also have bug bounty program: https://hackerone.com/elisa