Responsible Disclosure

Email security@itara.live with reproduction steps, affected URL, and any proof-of-concept payload. Encrypt sensitive details if possible.

Give us a reasonable window to fix the issue before public disclosure.

Do not access, modify, or delete data that does not belong to you.

Do not run denial-of-service tests against production.

An acknowledgement within 5 business days and a status update within 14.

Questions about this page? Reach us at hello@itara.live — we keep this content under active review and will update it as the platform evolves.