At present, we only collect vulnerabilities through the official email（ sec@ushareit.com ）, please double check the email address. We will reply to you within 48 hours after receiving the email.

In the vulnerability report, you need to explain: the name, type, affected assets (APP, website, etc.), discovery process and exploitation evidence such as screenshot or video, repair suggestions of the vulnerability.Please try your best to ensure the clarity and integrity of the report. For the experts whose report is the most clear, we will set up a separate reward. At the same time, please do not disclose and disseminate the details of the vulnerability before it is fixed.

Please provide correct payment information, otherwise the payment might be postponed.