Objective:
- As a security researcher, how do I report valid security bugs and/or security vulnerabilities on Clio's website?
Environment:
- Clio Web App
Additional Information:
We are happy to reward security vulnerabilities in our app (app.clio.com) that are novel to us and that can be used to gain additional, illicit access.
Answer:
To responsibly disclose a security vulnerability to Clio, we ask that you e-mail us a detailed description of the security vulnerability at security@clio.com
The Clio Security Team will acknowledge receipt of your report and lay out next steps within two business days of receiving the report.
Complete details of Clio's Security Policy can be found at https://app.clio.com/security/policy.txt