We at baobun take the security of our products very seriously. If you think you have found a security vulnerability in any of our products (bot, website, dashboard), follow these steps:
- DO NOT disclose the vulnerability publicly.
- Send a detailed report privately to
- Discord: @tookender
- Email: TBA
- Clear, easy to understand description of the vulnerability
- How to reproduce the vulnerability (potentially with a demo video)
- Impact of the vulnerability, who does it affect, how bad is it
- Any possible solutions you might be aware of (don't worry if you don't know)
- We will answer to your report within 48 hours
- We will provide updates about our progress on fixing the issue
- Once it is fixed, we will notify you and optionally acknowledge you publicly
- Social engineering attacks
- Issues related to UGC
- Theoretical vulnerabilities