Bounty
We offer a $10 bounty if the bug you find qualifies as a security bug. To report a bug, please see our instructions located at /.well-known/security.txt, which conforms to the security.txt proposed standard for websites’ security information; if you are curious about this IETF (Internet Engineering Task Force) draft you can read more about it on Wikipedia’s security.txt page.