A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: https://www.phonepe.com/report-vulnerability/report/
Policy: Found a Security Bug? Please read our Responsible Disclosure Policy here, https://www.phonepe.com/report-vulnerability/
Acknowledgements: https://www.phonepe.com/report-vulnerability/#hof
Acceptable Security Bugs: https://www.phonepe.com/report-vulnerability/#qv
Exclusions: https://www.phonepe.com/report-vulnerability/#exc
Preferred-Languages: en
Hiring: https://www.phonepe.com/careers/
Expires: 2032-12-19T05:30:00.000Z