Our policy on reported vulnerabilities (see below on how to report) is that we will respond to the reporter of a vulnerability within two (2) business days of receiving the report and notify the ...