Types of Issues That May Be Reported
- Unauthorized access or suspected account compromise
- Exposed files, private documents, or data leakage
- Broken authentication or access controls
- Suspicious login behavior, spoofing, phishing, or defacement
- Vulnerabilities in forms, uploads, journals, or website pages
- Private records visible to unauthorized users
Responsible Reporting Requirements
Please provide the affected page or platform, a clear description of the issue, the date and time observed, safe reproduction steps where lawful, and supporting screenshots if appropriate.
Reports should be limited to what is necessary to demonstrate the issue responsibly. Do not copy, disclose, modify, delete, or download private data.
Prohibited Conduct
- Attempting unauthorized logins or accessing private accounts
- Downloading confidential records or extracting data
- Disrupting availability or running harmful scripts or attacks
- Sharing vulnerability details publicly before AQIRI review
- Using the issue for pressure, blackmail, or personal gain
Review and Response
After receiving a report, AQIRI may log the issue, review it internally, assign it to the technical team, request clarification, take temporary protective action, and notify affected parties where required.