Report a SecurityVulnerability
Help us keep invyra secure.Report vulnerabilities responsibly and we'll work with you to fix them.
Responsible Disclosure
We appreciate the security research community's efforts in helping us maintain the security of invyra. If you believe you've found a security vulnerability, please report it responsibly through our coordinated disclosure program.
How to Report
Encrypted Communication
For sensitive reports, we support encrypted communication. Contact us to request our PGP public key for secure submissions.
What to Include in Your Report
Type of Vulnerability
Describe the category (e.g., XSS, SQL injection, authentication bypass)
Affected Components
Specify which parts of invyra are affected (URLs, API endpoints, features)
Steps to Reproduce
Provide detailed steps so we can verify and reproduce the issue
Proof of Concept
Include screenshots, videos, or code snippets demonstrating the vulnerability
Impact Assessment
Explain the potential impact and severity of the vulnerability
Your Contact Information
Provide your name and email so we can follow up with you
Our Commitment to You
Quick Response
We'll acknowledge your report within 48 hours
Confidentiality
Your report will be kept confidential and secure
Recognition
We'll credit you in our security hall of fame
Responsible Disclosure Guidelines
Do's
- ✓Give us reasonable time to fix issues before public disclosure
- ✓Make good faith efforts to avoid privacy violations
- ✓Contact us at security@invyraa.com for coordination
Don'ts
- ✕Access or modify other users' data without permission
- ✕Perform actions that could harm service reliability
- ✕Publicly disclose before we've had a chance to fix it
Out of Scope
The following issues are considered out of scope for our vulnerability program:
Found a Security Vulnerability?
Help us keep invyra secure and be recognized as a security hero. Report it now and let's work together to fix it.
Report Vulnerability Now