Report Security Concerns

Found something suspicious? We want to hear about it.

Security is a Team Effort

No system is perfect—not even ours. That's why we rely on security researchers, ethical hackers, and observant users like you to help us find and fix issues before they become problems.

If you've discovered a vulnerability in Boti, we genuinely appreciate you taking the time to report it responsibly.

How to Report

1

Email Us Directly

Send your findings to

2

Include Details

Help us understand and reproduce the issue. Include steps to reproduce, affected URLs, screenshots, or proof-of-concept code if you have it.

3

Give Us Time

Please allow us reasonable time to investigate and fix the issue before disclosing it publicly. We move fast, but some fixes take time to do right.

What to Include in Your Report

Description

Clear explanation of the vulnerability and its potential impact.

Steps to Reproduce

Detailed steps so we can verify and fix the issue quickly.

Evidence

Screenshots, videos, logs, or proof-of-concept code that demonstrates the issue.

Impact Assessment

Your assessment of the severity and potential impact on users.

What Happens Next

We acknowledge your report within 48 hours

Our team investigates and assesses the severity

We keep you updated on our progress

We fix the issue and notify affected users if necessary

We credit you (if you want) once the fix is deployed

What's Not in Scope

To help us focus on real threats, please don't report:

  • Social engineering attacks (phishing, pretexting)
  • Physical attacks on our infrastructure
  • Denial of service (DoS) attacks
  • Spam or content issues (use Report Abuse instead)
  • Missing security headers that don't lead to exploitation
  • Issues in third-party services we don't control

Safe Harbor

We believe in responsible disclosure. If you act in good faith and follow these guidelines, we commit to:

  • Not pursue legal action against you
  • Work with you to understand and resolve the issue
  • Recognize your contribution (with your permission)

Ready to Report?

We appreciate your help in keeping Boti secure.

Looking for general security information? Visit our Security page to learn how we protect your data.