CoSell believes adequate disclosure of security vulnerabilities requires mutual trust, respect, transparency, and common good between CoSell and Security Researchers.
Together, our vigilant expertise promotes the continued security and privacy of CoSell customers, products, and services.
CoSell accepts vulnerability reports from all sources, including independent security researchers, industry partners, vendors, customers, and consultants. CoSell defines a security vulnerability as an unintended weakness or exposure that could be used to compromise the integrity, availability, or confidentiality of our products and services.
CoSell recommends that security researchers share the details of any suspected vulnerabilities across any asset owned, controlled, or operated by CoSell (or that would reasonably impact the security of CoSell and our users) by filling out our vulnerability disclosure form.
The CoSell Security team will let you know that they received each vulnerability report, conduct a thorough investigation, and then take appropriate action for resolution.