Where to report security vulnerabilities?
-
I found two security vulnerabilities in the private server login flow, but I don't want to reveal the details publicly. One includes a piece of code that can be used to actively exploit it; the other is purely theoretical but goes against the Steam developer guidelines. Is there a way I can report them such that only the Screeps developers can view it?
-
When logged into the screeps world, Top left next to the Screeps logo there's a menu button.Half way down the menu is "Report a Problem"
https://support.screeps.com/hc/en-us/requests/new
There is also an option to mark it Urgent if you feel its dire.
