We take security seriously. If you discover any security vulnerabilities within the Nexpo app repository, please let us know immediately. We appreciate your efforts to responsibly disclose the issue, and we will work to address it as quickly as possible.
Please follow these guidelines when reporting security issues:
- Do Not disclose the issue publicly until it has been addressed.
- Privately share the details of the vulnerability with us by emailing us at [it.arkad@box.tlth.se] or at [arkad@tlth.se].
- Provide a clear description of the vulnerability along with the steps to reproduce it.
- Include information about the version of the software where the vulnerability was discovered.
Our team will acknowledge your report, assess the severity, and work on addressing the issue. We aim to keep you updated on our progress and collaborate with you to ensure a smooth resolution.
Our team focuses on addressing vulnerabilities in the latest release of Nexpo app]. While we encourage you to stay up to date with the latest version, if a reported vulnerability exists in a previous version, we will evaluate its severity and consider providing a fix, depending on the impact and feasibility.
We value the security research community and encourage responsible disclosure. To show our appreciation, we commit to not pursuing legal action against security researchers who responsibly disclose vulnerabilities to us, provided they adhere to this policy.
We will update this security policy as needed to address changes in our approach to security or to reflect any modifications to how we handle security vulnerabilities. Please refer back to this document occasionally to stay informed.
If you have any questions, concerns, or suggestions regarding our security policy, please contact us at [it.arkad@box.tlth.se] or at [arkad@tlth.se].
Thank you for helping us keep Nexpo app secure!