If you think you have found an issue that poses a security risk or impacts the privacy of users of Carbon Mapper services, please send an email to security@carbonmapper.org, and include the following information:
- Description of the vulnerability
- Steps to reproduce the issue (if possible)
- In the case of API-related issues, API endpoints involved and the body the request that triggered the behavior in question
- In the case of website-realted issues, browser type and version
Security issues will be discussed internally, and we may reach out to you via email to discuss further.