A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Information related to reporting security vulnerabilities of this site.

# How to communicate about security issues.
Contact: mailto:security@sezzle.com

# Date and time after which this data is considered stale
Expires: 2024-05-05T15:17:00.000Z

# Encryption

# Acknowledgements

# Preferred languages for communication.
Preferred-Languages: en

# Canonical

# What security researchers should do when searching for or reporting security issues.
Policy: Found a bug in our application? We have our private bug bounty program with Bugcrowd. Send your email to us so that we can invite you to the program.

# Link to any security-related job openings in your organization.
Hiring: https://boards.greenhouse.io/sezzle

# Please see https://securitytxt.org/ for details of the specification of this file.