Security Policy

We appreciate responsible disclosure of vulnerabilities. Please email security reports to [email protected].

Scope

Public web properties under the hgmserve.rs domain and subdomains
Public APIs documented and intended for external consumption

Out of Scope

Denial of Service (DoS), volumetric attacks
Automated scanning without prior coordination
Third-party services not owned by HGM Servers

Safe Harbor

If you make a good-faith effort to follow this policy, we will not pursue civil action or initiate a complaint to law enforcement. Avoid privacy violations, data destruction, and service disruption.

Reporting

Please include steps to reproduce, affected endpoints, and any proofs of concept. We will acknowledge receipt promptly and keep you updated.

If you require encrypted channels, request options in your first email.