To expedite the triaging and prioritisation of submission, your reports should:
- Describe where the vulnerability was discovered and the potential impact of exploitation.
- Include enough detail so we can reproduce your steps. Screenshots and proof of concept code are helpful.
What happens next
We will coordinate with you as openly and as quickly as possible during the remediation of any identified vulnerabilities.
We will:
- Respond to your report within 5 business days.
- Keep you informed throughout DPIRD's internal investigation and remediation (if required) of the identified vulnerability.
- Agree on a date for public disclosure.
- Credit you as the person who discovered the vulnerability unless you prefer to remain anonymous.