Bug Bounty Program | Railway | Page 1

lofty ravine Feb 23, 2023, 5:57 AM

#

Hi there, I notified you about a security vulnerability I discovered via email, but I haven't received a response from your team yet. It's been 10 days.

Thanks.

cunning cargoBOT Feb 23, 2023, 5:57 AM

#

Project ID: N/A

#

We recognize the important role that security researchers and our user community play in helping to keep Railway and our users secure. If you have discovered a site or product vulnerability, you may be eligible for a monetary award in accordance with the terms and conditions of our Bug Bounty Program. Please submit your bug reports to [email protected].

lofty ravine Feb 23, 2023, 5:59 AM

#

N/A

leaden lintel Feb 23, 2023, 6:12 AM

#

cc @sterile badger @runic burrow

sterile badger Feb 23, 2023, 6:13 AM

#

Hey @lofty ravine - sorry about that. The page says 30 days but honestly we should be doing better. Can you send the disclosure to [email protected]?

#

I can review it first thing my morning

#Bug Bounty Program