Responsible Disclosure Policy

Please email the details to pimentaCHAT’s security team at security@pimenta.chat. You will then receive an e-mail with instruction on how to proceed with the disclosure.

Please refrain from requesting compensation for reporting vulnerabilities. If you want we will publicly acknowledge your responsible disclosure on internal development group. We also try to make the confidential issue public after the vulnerability is announced.

You are not allowed to search for vulnerabilities on pimentaCHAT’s Community server. If you want to perform testing without setting pimentaCHAT up yourself please contact us to arrange access to a staging server.

You can find more about how to contribute to our security here.