Vulnerability Disclosure

If you believe that you have found any security vulnerability in the products or services of RD Group, you are welcome to submit a vulnerability report to us.

Reporting a vulnerability

We accept vulnerability reports via security@rd.group. For additional security, you should encrypt your email by PGP public key.


When reporting any security vulnerability, please include following information:

  • The URL of the affected website
  • The name and version of the affected product
  • The potential impact of vulnerability
  • Detailed instructions on how to replicate the vulnerability, including the necessary screenshots, proof-of-concept etc.
  • other useful information

 

We will review and respond as quickly as possible to your submission, and keep you informed as we work to fix the reported vulnerability. We may contact you for further information if necessary.

Important Guidelines

Please follow the rules below when working to discover security vulnerabilities:

  • Please notify us as soon as possible after you discover a real or potential security issue
  • Please Make sure to avoid privacy violations, degradation of user experience, disruption to production systems, and the destruction or manipulation of data
  • Please do not attempt social engineering or phishing techniques on our users or RD staff
  • Please do not disclose information relating to your discovery publicly