At Newesis, we believe that collaboration with security researchers is essential to protect our users and software.
We welcome responsible disclosures and are committed to resolving security issues quickly and transparently.
If you believe you’ve found a security issue in this project, please contact us privately at:
Please include:
- A detailed description of the issue
- Steps to reproduce (if possible)
- Any relevant logs, screenshots, or PoC
We will respond within 5 business days and aim to resolve valid reports within 30 days.
We ask that you:
- Report the vulnerability to us as soon as possible.
- Give us a reasonable time to investigate and resolve the issue before public disclosure.
- Avoid data leaks, service disruption, or access to other users’ accounts during testing.
- Do not use automated scanners on production environments.
We may publicly acknowledge your contribution with your consent, once the issue is resolved.
- Perform Denial of Service (DoS) attacks
- Use social engineering (including phishing)
- Access or modify data that doesn’t belong to you
- Target our staff, infrastructure, or customers
If you’re unsure whether your findings qualify as a vulnerability, or you’d like guidance during your research, please reach out.
We’re happy to help.
Thank you for helping us make this project safer for everyone!