Brain-Storm takes security seriously. If you have discovered a potential security vulnerability, please report it following our responsible disclosure policy.

If you find a security issue, we ask that you:

• Do not disclose it publicly until we have had a reasonable chance to address it.
• Provide a detailed description of the vulnerability, including steps to reproduce it.
• Keep us updated as you find more information.
• Act in good faith and avoid any actions that could harm our users or platform.

Please report security issues by emailing [INSERT SECURITY EMAIL ADDRESS]. We aim to acknowledge reports within 48 hours and provide a fix or mitigation as soon as possible.

Vulnerabilities include, but are not limited to:

• Cross-Site Scripting (XSS)
• SQL Injection
• Broken Access Control
• Insecure Direct Object References (IDOR)
• Session Hijacking
• Private data exposure

Thank you for helping us keep Brain-Storm secure!