Please report security vulnerabilities to dna@simplybusiness.co.uk. We will try to get back to you as soon as we can, but this will typically be within 5 working days. If the issue is confirmed, we will release a patch as soon as possible depending on the criticality.
Please include as much information in the report and include details such as:
- Type of issue (buffer overflow, injection etc.)
- Specify all relevant source code
- Steps to reproduce the issue
- Proof-of-concept (PoC) where possible
- Impact and how an attacker might exploit the issue
We prefer all communications to be in English.