Legal · Security

Security
policy.

We appreciate responsible disclosure of vulnerabilities. Please email security reports to [email protected].

  1. 01

    Scope

    • Public web properties under the hgmserve.rs domain and subdomains
    • Public APIs documented and intended for external consumption
  2. 02

    Out of scope

    • Denial of Service (DoS), volumetric attacks
    • Automated scanning without prior coordination
    • Third-party services not owned by HGM Servers
  3. 03

    Safe harbor

    If you make a good-faith effort to follow this policy, we will not pursue civil action or initiate a complaint to law enforcement. Avoid privacy violations, data destruction, and service disruption.

  4. 04

    Reporting

    Please include steps to reproduce, affected endpoints, and any proofs of concept. We will acknowledge receipt promptly and keep you updated.

    If you require encrypted channels, request options in your first email.