Isaac Adjei
zaccess
This site is best experienced on a laptop or desktop.

Security Policy

I take the security of this site seriously. If you have discovered a vulnerability, I appreciate you letting me know responsibly.

Scope

This policy covers isaacadjei.me and all its subdomains. It does not cover third-party services or infrastructure I do not control.

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Authentication or authorisation bypass
  • Sensitive data exposure
  • Server-side injection vulnerabilities

How to Report

Please send vulnerability reports by email to [email protected] with the subject line Security Disclosure. Include a clear description of the issue, steps to reproduce and any supporting evidence such as screenshots or proof-of-concept code.

Please do not publicly disclose the issue until I have had a reasonable opportunity to investigate and address it.

Response Timeline

I aim to respond to all reports within the following timeframes:

  • Initial acknowledgement within 3 business days
  • Assessment and triage within 7 business days
  • Resolution or mitigation plan within 30 days for valid issues

Good Faith

I will not take legal action against researchers who act in good faith, follow this policy and do not access, modify or delete data beyond what is needed to demonstrate the vulnerability. Valid reporters will be acknowledged on the Hall of Fame.