How to Report an Issue

If you think you have found a security vulnerability in Microapps, please report it to us responsibly. To report a security issue, email us at [email protected].

What We Expect from You

  • Avoid executing Denial of Service (DoS) attacks.
  • Refrain from using automated tools against our servers.
  • Do not access or alter data that is not yours.
  • Do not publicly disclose the vulnerability details.

What You Can Expect from Us

  • We will assess the risk of every reported vulnerability.
  • If your report is not eligible, we will inform you.
  • If your report is valid, we will prioritize the issue and notify you once it is resolved.
  • You can choose whether to be publicly acknowledged or not.

In Scope

Out of Scope

  • Automated scanning
  • Social engineering
  • Password brute force
  • Clickjacking on pages without sensitive actions
  • Missing security headers (unless you can demonstrate exploitability)
  • Security issues only reproducible under highly unlikely conditions (using outdated or exotic web browsers, operating systems, or insecure internet connections)