Security: Weburz/selfhosted-runners

.github/SECURITY.md

Security Policy

Reporting Security Issues

At Weburz, we take security seriously. We appreciate your efforts to responsibly disclose any security vulnerabilities you find. To report a security issue, please follow these steps:

  1. Do Not Publicly Disclose: Please do not publicly disclose the security issue until it has been addressed by our team.

  2. Contact Us Privately: Email Somraj Saha or Sagar Kapoor with details about the vulnerability. Please provide a clear and concise description of the issue, along with any steps to reproduce it.

  3. GPG Encryption (Optional): If you'd like to encrypt your communication, you can use our GPG key to encrypt your message. Our GPG public key is available on our website or on public key servers.

  4. Wait for Response: We will acknowledge your report within 2-5 business days and will work with you to understand the scope and severity of the issue.

Security Response

We are committed to addressing security issues promptly. Once a report is received, we will follow these steps:

  1. Review: Our team will review the report and verify the issue.

  2. Patch: If a patch is necessary, we will develop and test the fix.

  3. Disclosure: Once a fix is ready, we will coordinate the release and disclosure of the issue with the reporter.

  4. Attribution: We are happy to acknowledge your contribution in the advisory if you wish.

Responsible Disclosure

We kindly ask that you follow responsible disclosure practices:

  • Share the security issue with us privately, giving us reasonable time to respond before making any public disclosure.

  • Do not exploit the vulnerability in any way that could cause harm to our users or systems.

  • Avoid violating any laws or regulations during your research.

Attribution

Thank you for helping to keep Weburz and our users safe. Your efforts to report security issues responsibly are greatly appreciated.

Weburz Security Team


GPG Key Details
