Our Commitment
At Plane, security is a core value. We appreciate security researchers who help us maintain high standards for our users' security and privacy through responsible vulnerability research and disclosure.
Reporting a Vulnerability
Submit vulnerability reports via email to [email protected].
What We Promise
When you report a valid security issue:
- We will respond within 3 business days with an initial assessment
- We will handle your report with strict confidentiality
- We will keep you informed about our progress resolving the issue
- We will not take legal action against researchers who follow this policy
- We will recognize your contribution if you wish
In-Scope Vulnerabilities
We’re primarily interested in high and medium severity issues that affect the security of our users' data or our systems:
- Remote code execution
- SQL injection
- Authentication or authorization flaws
- Server-side request forgery
- Significant business logic vulnerabilities
- Serious cross-site scripting (XSS)
- Cross-site request forgery with significant impact