###Security Disclosure Policy At Carl-Sinclair.com (and all affiliated websites), we take the security of our users and their data very seriously. We appreciate the efforts of security researchers who help us identify and fix vulnerabilities in our systems. This policy outlines the guidelines for reporting vulnerabilities to us. ##What to Report We encourage you to report any vulnerabilities you find in our website or systems. This may include: Cross-Site Scripting (XSS) vulnerabilities SQL Injection vulnerabilities Insecure Direct Object References (IDOR) Broken Authentication Sensitive Data Exposure Denial-of-Service (DoS) vulnerabilities Any other vulnerability that could compromise the security or privacy of our users What Not to Report ##We kindly ask you to avoid the following activities: Denial-of-Service attacks Social engineering attacks Physical attacks on our infrastructure Exploiting vulnerabilities for personal gain or harming others ##How to Report Please submit your vulnerability report to sec@carl-sinclair.com or to the Telegram handle @BigCreativeEnergy. Your report should include the following information, if possible: A detailed description of the vulnerability, including steps to reproduce it Any proof-of-concept code or exploits The impact of the vulnerability Your preferred method of being contacted What to Expect We will review all submitted reports as soon as possible. We will acknowledge your report within 3 business days and provide you with an estimated timeline for fixing the vulnerability. We will keep you informed of the progress and notify you once the vulnerability is fixed. ##Confidentiality We will treat all vulnerability reports with confidentiality. We will not disclose your identity or any details of your report without your prior consent. ##Rewards We may offer a reward for finding and reporting critical vulnerabilities. The amount of the reward will be determined at our discretion based on the severity of the vulnerability and the quality of the report. ##Disclaimer This policy is subject to change at any time without notice. By submitting a vulnerability report, you agree to the terms of this policy. ##Thank You We appreciate your help in keeping our website secure. Together, we can create a safer online environment for everyone.