Responsible Disclosure
Help us keep LuxRide users safe by reporting security vulnerabilities responsibly.
Scope
We welcome reports for issues affecting our public website, APIs, and admin portal. Out-of-scope includes social engineering, physical attacks, and denial-of-service.
Safe Harbor
If you make a good-faith effort to comply with this policy while researching and reporting, we will not initiate legal action against you.
How to Report
- Describe the issue, impact, and affected endpoint or page.
- Provide clear reproduction steps or a proof-of-concept.
- Share minimal data necessary; avoid accessing other users' data.
- Email: security@luxride.example