Your name or organization name.

A reply-capable email address. We may use this to follow up for clarification or progress updates.

Please re-enter the same email address to confirm.

A one-line summary of the vulnerability.

URL(s) or API endpoint(s) where the vulnerability occurs. Separate multiple entries with newlines.

Select the category that best matches. If none applies, choose "Other" and fill in the next field.

Only required when "Other" is selected above. Please describe the vulnerability class.

Concrete step-by-step instructions. Insufficient detail may prevent verification.

Potential impact of this vulnerability. Used for prioritization.

Please select the urgency level. Used for prioritization.

When you discovered or confirmed the vulnerability. Helps timeline reconstruction.

Exploit code or concrete examples significantly speed up verification.

Your test environment (OS / browser / API client). Helps reproduce the issue.

Shareable external URL(s) for screenshots, logs, or videos (Google Drive, Dropbox, etc.). Separate multiple with newlines.

Did your testing access data belonging to users or third parties?

If "Possibly accessed", please describe accurately what data was accessed and to what extent.