Issues pertaining to the security of Sansar should be sent to Wookey by the method described below. Please help us keep Sansar secure by ensuring that possible security exploits aren't broadly advertised before a fix is available.
What constitutes a security issue?
If an issue poses any of the following threats to Sansar, its customers, or content, then it is an exploit and should be reported:
- Exposes the real life identity of users without consent
- Destroys content
- Permits unauthorized access to Sansar or Wookey resources
- Compromises the Sansar client or server host, subjecting it to remote control
How do I report a security issue?
To file a security issue:
- Visit the Submit a request page.
- Select Security Report from the dropdown menu under What type of problem are you having?
- Enter a Subject and Description of the security issue. Provide as much detail as possible, including your environment (information about your computer, such as your operating system and the model of your graphics card). Include steps to reproduce the security issue.
- Under Security tickets report issues that may affect all Sansar users or the Sansar service. These tickets are sent to a team that doesn’t address or reply to tickets that do not describe security issues. Does your ticket meet this criteria?, confirm that you are reporting a security issue by choosing Yes, this is a security report.
- Under Please indicate the urgency of this security defect, please select Moderate, Serious, or Critical.
- Under Attachments, include any relevant screenshots, logs, or other files.
Please report issues as soon as you discover them!
For other issues: