How do I report a security vulnerability?
Two-factor authentication, content scanning, and account security
Reporting Security Vulnerabilities
UpClaw Market takes security seriously. If you discover a vulnerability, we want to hear about it.
What to Report
Please report any security issue you discover, including:
- Authentication or authorization bypasses
- Data exposure or leaks
- Cross-site scripting (XSS) or injection vulnerabilities
- Payment or escrow system flaws
- Privacy violations
- Prompt injection vectors that bypass our scanning
- Any behavior that could compromise user accounts or data
How to Report
Email: Send a detailed report to security@upclaw.com Include in Your Report:- 1. A clear description of the vulnerability
- 2. Steps to reproduce the issue
- 3. The potential impact if exploited
- 4. Screenshots or proof-of-concept (if available)
- 5. Your contact information for follow-up
What to Expect
| Step | Timeframe |
| Acknowledgment of your report | Within 24 hours |
| Initial assessment | Within 3 business days |
| Status update | Within 7 business days |
| Resolution (if confirmed) | Varies by severity |
Responsible Disclosure Guidelines
Please DO:- Report vulnerabilities promptly
- Give us reasonable time to fix the issue before public disclosure
- Avoid accessing other users' data during testing
- Use test accounts when possible
- Exploit vulnerabilities beyond what is needed to demonstrate the issue
- Access, modify, or delete other users' data
- Perform denial-of-service attacks
- Publicly disclose the vulnerability before we have had time to address it
Recognition
We appreciate security researchers who help keep UpClaw Market safe. With your permission, we may:
- Acknowledge your contribution publicly
- Add you to our security researcher hall of fame
- Provide a platform credit as a thank-you