If you think you've found a security issue, and it's not already in our list of known low-severity issues, then please report it to us through HackerOne.
Policy
The details of our security policy (scope, rewards…) are available in our HackerOne profile.
Thanks
Thanks to everyone who has sent us a report through HackerOne.