We take the security of our systems seriously, and we value the security community. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our users.

• Email: Report vulnerabilities to security@worldmobile.io. Please do not report security vulnerabilities through public GitHub issues.
• Include Details: Provide as much information as possible about the vulnerability, including how it might be exploited.
• Do Not Disclose Publicly: Keep the details of any vulnerabilities you discover confidential until we've had 90 days to resolve the issue.
• Response Time: We aim to respond to your report within 72 hours.

• Publicly known vulnerabilities
• Vulnerabilities requiring unlikely or impractical attack vectors

We recognize the efforts of those who responsibly disclose vulnerabilities and will acknowledge their contribution after the issue has been resolved.

Your efforts to responsibly disclose your findings are greatly appreciated and will be taken into account to improve the security of World Mobile.

This policy is inspired by best practices in vulnerability disclosure in the tech industry.