Responsible Vulnerability Disclosure

This page is for independent security researchers who are willing to report or want to start looking for, vulnerabilities on Vobot platform.
The information on this page is intended only for security researchers who are interested in reporting security vulnerabilities on Vobot. If you are a Vobot holder and have questions, you can contact our customer service team help[ at ]getvobot.com

If you believe that you have discovered a security vulnerability on Vobot platform, we strongly encourage you to inform us and to not disclose the vulnerability publicly.
Reporting a potential security vulnerability:
Privately send details of the vulnerability to Vobot team by sending an email to dev[ at ]getvobot.com

Please provide full details of the vulnerability, including
● Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
● Product and version that contains the bug, or URL
● Service packs, security updates, or other updates for the product you have installed
● Any special configuration required to reproduce the issue
● Step-by-step instructions to reproduce the issue on a fresh install
● Proof-of-concept or exploit code
● Impact of the issue, including how an attacker could exploit the issue
Vobot follows Coordinated Vulnerability Disclosure (CVD) and, to protect the ecosystem, we request that those reporting to us do the same.
With our PGP key, please download it from Vobot Security Response Center PGP Key.

We appreciate your assistance, and we review all reports and do our best to address the issues within the specified time frame.