Security

Platform security information, responsible disclosure guidance, and how to report vulnerabilities privately.

We take platform security seriously and appreciate good-faith reports that help protect myEmotes, its users, uploaded content, and related infrastructure. If you believe you discovered a vulnerability or a security-sensitive issue, please contact us privately before disclosing it publicly.

Report A Security Issue

Contact: [email protected]

Please use a clear subject line such as Security Report and include the affected URL or feature.

What To Include

  • A short description of the issue and why it matters.
  • Clear reproduction steps or a proof of concept where appropriate.
  • Affected URLs, account roles, browsers, devices, or environments.
  • Any relevant screenshots, logs, response payloads, or timing details.

Responsible Disclosure

Please do not publish details of a suspected vulnerability before we have had a reasonable opportunity to review and address it. We ask reporters to avoid actions that could harm users, compromise data, interrupt service availability, or access content that is not their own.

Good-faith testing that stays within these boundaries is appreciated and helps us improve the platform.

Out Of Scope

  • Social engineering, phishing, or physical attacks against people, devices, or third-party services.
  • Denial-of-service, spam, brute-force, or load-testing activity that degrades platform availability.
  • Reports based solely on outdated browser behavior or missing best-practice headers without a plausible exploit path.
  • Issues in third-party services that are unrelated to myEmotes configuration or integration.

Our Handling Process

We aim to review reports promptly, validate severity, and coordinate remediation according to technical and operational risk. Some fixes can be deployed quickly, while others may require staged infrastructure, moderation, storage, or dependency changes.

Where appropriate, we may ask follow-up questions to reproduce the issue reliably and confirm that the fix fully closes the problem.

Abuse, Copyright, And General Reports

Security reporting should be used for vulnerabilities and security-sensitive platform issues. For non-security concerns such as copyright disputes, policy abuse, or broken content, please use the normal support or reporting paths instead.

Related: Report an Issue · Privacy Policy