Reporting security issues
If you believe you have found a security issue affecting Aerod, its apps, website, affiliate redirect system, or deployment configuration, report it to:
security@aerod.net
Include enough detail to reproduce and understand the issue.
What to include
A useful report usually includes:
- Affected URL or route.
- Steps to reproduce.
- Expected behavior and actual behavior.
- Browser, device, or network context if relevant.
- Screenshots or proof-of-concept details that avoid harming users.
Testing boundaries
Do not access, modify, delete, or exfiltrate data that does not belong to you. Do not degrade service, run denial-of-service testing, attempt social engineering, or test third-party providers linked from Aerod without their permission.
Response expectations
Aerod should acknowledge valid reports, investigate in good faith, and correct issues based on severity and practical impact.
This policy does not create a bug bounty program unless Aerod publishes one separately.