At Prima, we take the security of our systems and data very seriously. We recognize the valuable role that security researchers and members of the public play in helping us identify and address potential security vulnerabilities. We encourage responsible disclosure of any vulnerabilities found in our systems, applications, or services to help us maintain the highest level of security for our customers.

This policy applies to all Prima systems, applications, and services, including third-party systems that we use. We reserve the right to update or modify this policy at any time without prior notice.

Please do not report security vulnerabilities through public GitHub issues.

To report a potential vulnerability, you can send us an email to security-report@prima.it, following the guidelines in our Responsible Disclosure Policy. If you don’t feel comfortable sharing this information via plain text email, you can contact us at the same email address, and we will coordinate the establishment of an alternative secure channel.

If the issue is confirmed, we will release a patch as soon as possible depending on complexity.

For more details, please refer to our Responsible Disclosure Policy.