If you believe you have found a security vulnerability in a Cocomm product, please tell us about it.
If you are looking to report a non-security related issue, please use the links below for assistance.
If you believe you have found a security vulnerability in one of our web sites or apps, we encourage you to let us know right away. We welcome reports from everyone, including developers, researchers and customers.
To report a security vulnerability, please contact us at info@cocomm.es and include the following information:
We at Cocomm will contact you if we need more information.
Please note that we do not offer a bug bounty program. This means that Cocomm does not pay rewards for disclosed security vulnerabilities.
To protect our customers, we investigate all reported issues, but we do not confirm them publicly.
After you have submitted your report, we will respond to your report within 5 working days and aim to triage your report within 10 working days. We will also aim to keep you informed of our progress.
Priority for remediation is assessed by looking at the impact, severity and exploit complexity. Vulnerability reports might take some time to triage or address. You are welcome to enquire on the status but should avoid doing so more than once every 14 days. This allows our teams to focus on the remediation.
We will notify you when the reported vulnerability is remediated, and you may be invited to confirm that the solution covers the vulnerability adequately.
Once your vulnerability has been resolved, we welcome requests to disclose your report. We would like to unify guidance to affected users, so please do continue to coordinate public release with us.