Rhino Security Labs believes in a timely and responsible vulnerability disclosure policy which alerts vendors to potential security issues in their products.
We will attempt to disclose our security advisory to the affected vendor(s), co-ordinate potential mitigation testing and prepare for public disclosure.
We reserve the right to move forward on disclosure if the following occurs:
Extenuating circumstances may lead to an extension of our vulnerability disclosure policy, unless we feel it is not required. They are listed below:
Please contact security@rhinosecuritylabs.com if you have questions or concerns with this policy, or disclosures.