https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643580#M10916 <P>Hey,</P> <P>&nbsp;</P> <P>Thanks a lot for reporting this. Could you please write me a private message with your findings? (click on my avatar and then "message")</P> Fri, 29 Sep 2023 10:37:05 GMT alvaron 2023-09-29T10:37:05Z https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643092#M10907 <P>I have found a minor security issue on developer.spotify.com, and I am wondering where I should disclose it?</P><P>&nbsp;</P><P>The issue isn't with the site itself, but rather that one of the tutorials is teaching developers to do something insecurely. While the security issue is by no means critical, I would like to disclose it non-publicly (just in case) to whoever is able to handle the issue.</P><P>&nbsp;</P><P>I had a look at your Hackerone program, and this seems outside scope of that.&nbsp;</P><P>&nbsp;</P> Thu, 28 Sep 2023 15:16:29 GMT https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643092#M10907 Fanicia 2023-09-28T15:16:29Z https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643140#M10909 <P>Hi Fanicia, you can share your findings with the <A href="https://www.spotify.com/bounty/" target="_self">Security Bug Bounty program</A>. Spotify works with HackerOne to be sure that reported vulnerabilities are handled and the reporters are recognized for their contributions.&nbsp;</P><P>If your issue is outside the scope of that program, then you can report it to the Spotify support team <A href="https://support.spotify.com/article/contact-us/?in_footer" target="_self">here</A>&nbsp;and they should be able to be sure it's dealt with properly.</P><P>Hope this helps!</P> Thu, 28 Sep 2023 16:13:52 GMT https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643140#M10909 mauve_minnow 2023-09-28T16:13:52Z https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643580#M10916 <P>Hey,</P> <P>&nbsp;</P> <P>Thanks a lot for reporting this. Could you please write me a private message with your findings? (click on my avatar and then "message")</P> Fri, 29 Sep 2023 10:37:05 GMT https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643580#M10916 alvaron 2023-09-29T10:37:05Z https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643602#M10917 <P>Great. I've just sent you a DM with my report&nbsp;<span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 29 Sep 2023 11:23:38 GMT https://community.spotify.com/t5/Spotify-for-Developers/Where-to-submit-minor-security-finding-for-developer-spotify-com/m-p/5643602#M10917 Fanicia 2023-09-29T11:23:38Z