If you believe you have discovered a vulnerability, we maintain a policy which aims to provide guidelines for submitting vulnerabilities discovered within Sage products and services.

Our policy can be found at the below link:

https://hackerone.com/sage-group

This vulnerability disclosure policy applies to any vulnerabilities you are considering reporting to us. We recommend reading this vulnerability disclosure policy fully before you report a vulnerability and always act in compliance with it.