Please report (suspected) security vulnerabilities to infosec@grupoboticario.com.br. Please, be patient while we analyse the issue, it might take a few days. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.

Be sure to include the following information on the e-mail:

• Type of vulnerability (XSS, Injection, CSRF, etc.);
• Brief description of the vulnerability;
• Possible impacts;
• CVSS Risk Score;
• Steps used to reproduce the exploitation;
• Evidences (only .jpg and .png will be accepted);
• (Optional) Any possible solution to the issue identified.

We apreciate your help on contributing to our Security and we expect you to comply with all applicable laws.