{"id":2386,"date":"2026-05-29T12:02:02","date_gmt":"2026-05-29T08:02:02","guid":{"rendered":"https:\/\/ompay.om\/?page_id=2386"},"modified":"2026-05-29T15:38:52","modified_gmt":"2026-05-29T11:38:52","slug":"responsible-disclosure","status":"publish","type":"page","link":"https:\/\/ompay.om\/ar\/responsible-disclosure\/","title":{"rendered":"Responsible Disclosure"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"2386\" class=\"elementor elementor-2386\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d736194 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"d736194\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e810c35\" data-id=\"e810c35\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3485270 elementor-widget__width-inherit elementor-widget elementor-widget-html\" data-id=\"3485270\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<style>\n.omp-sec {\n  --navy:      #0b1222;\n  --navy2:     #0f1a30;\n  --navy3:     #162040;\n  --teal:      #00c8bc;\n  --teal-dim:  rgba(0,200,188,0.12);\n  --teal-lt:   rgba(0,200,188,0.08);\n  --white:     #ffffff;\n  --grey1:     rgba(255,255,255,0.75);\n  --grey2:     rgba(255,255,255,0.45);\n  --grey3:     rgba(255,255,255,0.15);\n  --grey4:     rgba(255,255,255,0.07);\n  --border:    rgba(255,255,255,0.08);\n  --border2:   rgba(255,255,255,0.14);\n  --r:         10px;\n  --r-lg:      16px;\n  font-family: 'Barlow', sans-serif;\n  background: transparent;\n  color: var(--white);\n  line-height: 1.65;\n}\n\n@import url('https:\/\/fonts.googleapis.com\/css2?family=Barlow:wght@300;400;500;600;700;800;900&family=Barlow+Condensed:wght@600;700;800;900&display=swap');\n\n.omp-sec *, .omp-sec *::before, .omp-sec *::after { box-sizing: border-box; margin: 0; padding: 0; }\n.omp-sec a { color: inherit; text-decoration: none; }\n\n\/* \u2500\u2500 HERO \u2500\u2500 *\/\n.omp-hero {\n  background: transparent;\n  padding: 80px 40px 88px;\n  text-align: center;\n  position: relative;\n  overflow: hidden;\n  border-bottom: 1px solid var(--border);\n}\n.omp-hero::before {\n  content: '';\n  position: absolute;\n  left: 50%; top: -120px;\n  transform: translateX(-50%);\n  width: 700px; height: 700px;\n  border-radius: 50%;\n  background: radial-gradient(circle, rgba(0,200,188,0.08) 0%, transparent 65%);\n  pointer-events: none;\n}\n.omp-hero-inner {\n  position: relative; z-index: 1;\n  max-width: 680px; margin: 0 auto;\n}\n.omp-eyebrow {\n  display: inline-flex; align-items: center; gap: 8px;\n  font-size: 11px; font-weight: 700;\n  letter-spacing: 0.2em; text-transform: uppercase;\n  color: var(--teal);\n  margin-bottom: 20px;\n}\n.omp-eyebrow::before, .omp-eyebrow::after {\n  content: ''; display: block;\n  width: 28px; height: 1px;\n  background: var(--teal); opacity: 0.6;\n}\n.omp-hero h1 {\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: clamp(28px, 7vw, 60px);\n  font-weight: 900;\n  letter-spacing: 0.03em;\n  text-transform: uppercase;\n  color: var(--white);\n  line-height: 1.0;\n  margin-bottom: 10px;\n}\n.omp-hero h1 .hl { color: var(--teal); }\n.omp-hero-tagline {\n  font-size: 15px; font-weight: 400;\n  color: rgba(255,255,255,0.6);\n  margin: 14px auto 0;\n  max-width: 480px;\n}\n.omp-hero-sub {\n  font-size: 15px; font-weight: 300;\n  color: var(--grey2);\n  max-width: 500px; margin: 12px auto 32px;\n}\n.omp-btn {\n  display: inline-flex; align-items: center; justify-content: center; gap: 10px;\n  background: var(--teal);\n  color: var(--navy);\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: 15px; font-weight: 800;\n  letter-spacing: 0.12em; text-transform: uppercase;\n  padding: 14px 34px;\n  border-radius: 6px;\n  transition: filter 0.2s, transform 0.15s;\n  cursor: pointer;\n}\n.omp-btn:hover { filter: brightness(1.1); transform: translateY(-2px); }\n.omp-btn svg { width: 16px; height: 16px; stroke: var(--navy); fill: none; stroke-width: 2; stroke-linecap: round; flex-shrink: 0; }\n\n\/* \u2500\u2500 SECTION SHELL \u2500\u2500 *\/\n.omp-section {\n  padding: 64px 40px;\n  border-bottom: 1px solid var(--border);\n}\n.omp-section:last-child { border-bottom: none; }\n.omp-inner { max-width: 860px; margin: 0 auto; }\n\n.omp-label {\n  font-size: 11px; font-weight: 700;\n  letter-spacing: 0.2em; text-transform: uppercase;\n  color: var(--teal); margin-bottom: 10px;\n}\n.omp-section h2 {\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: clamp(26px, 5vw, 44px);\n  font-weight: 900; letter-spacing: 0.04em;\n  text-transform: uppercase;\n  color: var(--white);\n  line-height: 1.05; margin-bottom: 14px;\n}\n.omp-section p {\n  font-size: 15px; font-weight: 300;\n  color: var(--grey2);\n  max-width: 620px; margin-bottom: 12px;\n}\n.omp-section p:last-child { margin-bottom: 0; }\n\n\/* \u2500\u2500 GUIDELINES GRID \u2500\u2500 *\/\n.omp-grid {\n  display: grid;\n  grid-template-columns: repeat(2, 1fr);\n  gap: 14px; margin-top: 32px;\n}\n.omp-card {\n  background: var(--navy2);\n  border: 1px solid var(--border);\n  border-radius: var(--r-lg);\n  padding: 24px 20px;\n  transition: border-color 0.2s;\n}\n.omp-card:hover { border-color: rgba(0,200,188,0.35); }\n.omp-card-icon {\n  width: 40px; height: 40px;\n  border-radius: 10px;\n  background: var(--teal-dim);\n  display: flex; align-items: center; justify-content: center;\n  margin-bottom: 14px;\n}\n.omp-card-icon svg {\n  width: 20px; height: 20px;\n  stroke: var(--teal); fill: none;\n  stroke-width: 1.8; stroke-linecap: round; stroke-linejoin: round;\n}\n.omp-card h3 {\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: 17px; font-weight: 800;\n  letter-spacing: 0.06em; text-transform: uppercase;\n  color: var(--white); margin-bottom: 8px;\n}\n.omp-card p {\n  font-size: 13px; font-weight: 300;\n  color: var(--grey2); line-height: 1.6; max-width: none;\n}\n\n\/* \u2500\u2500 SCOPE \u2500\u2500 *\/\n.omp-scope-grid {\n  display: grid;\n  grid-template-columns: 1fr 1fr;\n  gap: 14px; margin-top: 28px;\n}\n.omp-scope-card {\n  background: var(--navy2);\n  border: 1px solid var(--border);\n  border-radius: var(--r-lg);\n  padding: 22px 22px;\n}\n.omp-scope-card h4 {\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: 13px; font-weight: 800;\n  letter-spacing: 0.12em; text-transform: uppercase;\n  margin-bottom: 14px;\n}\n.omp-scope-card.in h4 { color: var(--teal); }\n.omp-scope-card.out h4 { color: #f87171; }\n.omp-scope-list { list-style: none; display: flex; flex-direction: column; gap: 8px; }\n.omp-scope-list li {\n  display: flex; align-items: flex-start; gap: 9px;\n  font-size: 13px; font-weight: 300; color: var(--grey1);\n}\n.omp-scope-list li::before {\n  content: ''; width: 5px; height: 5px;\n  border-radius: 50%; flex-shrink: 0; margin-top: 7px;\n}\n.omp-scope-card.in .omp-scope-list li::before { background: var(--teal); }\n.omp-scope-card.out .omp-scope-list li::before { background: #f87171; }\n\n\/* \u2500\u2500 REPORT BLOCK \u2500\u2500 *\/\n.omp-report {\n  background: var(--navy3);\n  border: 1px solid var(--border2);\n  border-radius: var(--r-lg);\n  padding: 32px 36px;\n  margin-top: 28px;\n  position: relative; overflow: hidden;\n}\n.omp-report::after {\n  content: '';\n  position: absolute; right: -80px; bottom: -80px;\n  width: 300px; height: 300px;\n  border-radius: 50%;\n  border: 1px solid var(--teal-dim);\n  pointer-events: none;\n}\n.omp-email-chip {\n  display: inline-flex; align-items: center; gap: 9px;\n  font-size: 14px; font-weight: 500;\n  color: var(--teal);\n  background: var(--teal-lt);\n  border: 1px solid rgba(0,200,188,0.2);\n  border-radius: 8px;\n  padding: 10px 18px;\n  margin-bottom: 14px;\n  transition: background 0.2s;\n  word-break: break-all;\n}\n.omp-email-chip:hover { background: var(--teal-dim); }\n.omp-email-chip svg {\n  width: 15px; height: 15px;\n  stroke: var(--teal); fill: none;\n  stroke-width: 1.8; stroke-linecap: round; flex-shrink: 0;\n}\n.omp-report p {\n  font-size: 14px; font-weight: 300;\n  color: var(--grey2); max-width: 560px;\n}\n.omp-sla {\n  display: flex; flex-wrap: wrap; gap: 8px;\n  margin-top: 20px;\n}\n.omp-sla-item {\n  font-size: 12px; font-weight: 500;\n  color: var(--grey3);\n  background: rgba(255,255,255,0.04);\n  border: 1px solid var(--border);\n  border-radius: 6px; padding: 5px 12px;\n}\n.omp-sla-item span { color: var(--teal); }\n\n\/* \u2500\u2500 HALL OF FAME \u2500\u2500 *\/\n.omp-hof-top {\n  display: flex; flex-direction: column; align-items: flex-start;\n  gap: 10px; margin-bottom: 24px;\n}\n.omp-count {\n  font-size: 11px; font-weight: 700;\n  letter-spacing: 0.1em; text-transform: uppercase;\n  color: var(--grey3);\n  background: var(--grey4);\n  border: 1px solid var(--border);\n  border-radius: 100px; padding: 5px 16px;\n}\n.omp-count span { color: var(--teal); }\n\n\/* Table wrapper scrolls horizontally on small screens *\/\n.omp-table-wrap {\n  border: 1px solid var(--border);\n  border-radius: var(--r-lg);\n  overflow-x: auto;\n  -webkit-overflow-scrolling: touch;\n}\n.omp-table {\n  width: 100%; border-collapse: collapse;\n  min-width: 400px;\n}\n.omp-table thead tr { background: var(--navy3); }\n.omp-table th {\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: 11px; font-weight: 700;\n  letter-spacing: 0.15em; text-transform: uppercase;\n  color: var(--grey3);\n  padding: 13px 18px; text-align: left;\n  border-bottom: 1px solid var(--border);\n  white-space: nowrap;\n}\n.omp-table tbody tr {\n  border-bottom: 1px solid var(--border);\n  transition: background 0.15s;\n}\n.omp-table tbody tr:last-child { border-bottom: none; }\n.omp-table tbody tr:hover { background: var(--grey4); }\n.omp-table td {\n  padding: 14px 18px; font-size: 14px;\n  color: var(--grey2); vertical-align: middle;\n  white-space: nowrap;\n}\n.omp-table td:first-child { white-space: normal; }\n\n.omp-researcher { display: flex; align-items: center; gap: 10px; }\n.omp-avatar {\n  width: 34px; height: 34px; border-radius: 50%;\n  background: var(--teal-dim);\n  border: 1px solid rgba(0,200,188,0.25);\n  display: flex; align-items: center; justify-content: center;\n  font-family: 'Barlow Condensed', sans-serif;\n  font-size: 11px; font-weight: 800;\n  letter-spacing: 0.04em; color: var(--teal); flex-shrink: 0;\n}\n.omp-researcher strong {\n  font-size: 13px; font-weight: 600; color: var(--white); line-height: 1.45;\n}\n.omp-researcher .omp-email-small {\n  display: block; font-size: 11px; font-weight: 300;\n  color: var(--grey3); margin-top: 1px;\n}\n.omp-yr {\n  display: inline-block; font-size: 12px; font-weight: 500;\n  color: var(--grey3);\n  background: rgba(255,255,255,0.05);\n  border: 1px solid var(--border);\n  border-radius: 6px; padding: 3px 10px;\n}\n.omp-sev {\n  display: inline-block; font-size: 11px; font-weight: 700;\n  letter-spacing: 0.08em; text-transform: uppercase;\n  border-radius: 6px; padding: 4px 10px; white-space: nowrap;\n}\n.sev-c { background: rgba(248,113,113,0.12); color: #fca5a5; border: 1px solid rgba(248,113,113,0.2); }\n.sev-h { background: rgba(251,191,36,0.1);   color: #fcd34d; border: 1px solid rgba(251,191,36,0.2); }\n.sev-m { background: var(--teal-dim);         color: var(--teal); border: 1px solid rgba(0,200,188,0.2); }\n.sev-l { background: var(--grey4);            color: var(--grey3); border: 1px solid var(--border); }\n\n\/* \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n   RESPONSIVE\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550 *\/\n\n\/* Tablet \u2264 768px *\/\n@media (max-width: 768px) {\n  .omp-hero    { padding: 60px 24px 68px; }\n  .omp-section { padding: 48px 24px; }\n  .omp-report  { padding: 26px 24px; }\n}\n\n\/* Large mobile \u2264 580px *\/\n@media (max-width: 580px) {\n  .omp-hero    { padding: 44px 16px 52px; }\n  .omp-section { padding: 36px 16px; }\n  .omp-report  { padding: 20px 16px; }\n  \/* Hero *\/\n  .omp-eyebrow { font-size: 10px; gap: 6px; }\n  .omp-eyebrow::before, .omp-eyebrow::after { width: 16px; }\n  .omp-hero-tagline { font-size: 13px; }\n  .omp-hero-sub { font-size: 14px; margin-bottom: 24px; }\n  .omp-btn { width: 100%; padding: 13px 20px; font-size: 14px; }\n\n  \/* Guidelines: single column *\/\n  .omp-grid { grid-template-columns: 1fr; gap: 10px; margin-top: 20px; }\n\n  \/* Scope: single column *\/\n  .omp-scope-grid { grid-template-columns: 1fr; }\n\n  \/* Contact: email chip full width, SLA stack *\/\n  .omp-email-chip { width: 100%; justify-content: center; font-size: 13px; }\n  .omp-sla { flex-direction: column; gap: 6px; }\n\n  \/* Table: hide Country + Year columns, keep Researcher + Severity *\/\n  .omp-table th:nth-child(2),\n  .omp-table td:nth-child(2),\n  .omp-table th:nth-child(3),\n  .omp-table td:nth-child(3) { display: none; }\n  .omp-table th { padding: 11px 14px; }\n  .omp-table td { padding: 12px 14px; }\n  .omp-table { min-width: unset; }\n  .omp-avatar { width: 28px; height: 28px; font-size: 10px; }\n  .omp-researcher { gap: 8px; }\n  .omp-researcher strong { font-size: 12px; }\n  .omp-researcher .omp-email-small { font-size: 10px; }\n}\n<\/style>\n\n<div class=\"omp-sec\">\n\n  <!-- HERO -->\n  <div class=\"omp-hero\">\n    <div class=\"omp-hero-inner\">\n      <div class=\"omp-eyebrow\">OMPAY Security<\/div>\n      <h1>Vulnerability<br><span class=\"hl\">Disclosure<br>Program<\/span><\/h1>\n      <p class=\"omp-hero-tagline\">We take the protection of our customers' financial data seriously.<\/p>\n      <p class=\"omp-hero-sub\">\n        Found a security issue? Report it to our security team and we will\n        investigate promptly. Researchers who report valid vulnerabilities\n        are recognised in our Hall of Fame.\n      <\/p>\n      <a href=\"mailto:security@ompay.com\" class=\"omp-btn\">\n        <svg viewbox=\"0 0 24 24\"><path d=\"M4 4h16c1.1 0 2 .9 2 2v12c0 1.1-.9 2-2 2H4c-1.1 0-2-.9-2-2V6c0-1.1.9-2 2-2z\"\/><polyline points=\"22,6 12,13 2,6\"\/><\/svg>\n        Report a Vulnerability\n      <\/a>\n    <\/div>\n  <\/div>\n\n  <!-- GUIDELINES -->\n  <div class=\"omp-section\">\n    <div class=\"omp-inner\">\n      <p class=\"omp-label\">Guidelines<\/p>\n      <h2>Disclose Responsibly<\/h2>\n      <p>We ask all security researchers to follow these principles when identifying and reporting issues. Researchers acting in good faith will not face legal action from OMPAY.<\/p>\n      <div class=\"omp-grid\">\n\n        <div class=\"omp-card\">\n          <div class=\"omp-card-icon\">\n            <svg viewbox=\"0 0 24 24\"><circle cx=\"12\" cy=\"12\" r=\"10\"\/><line x1=\"12\" y1=\"8\" x2=\"12\" y2=\"12\"\/><line x1=\"12\" y1=\"16\" x2=\"12.01\" y2=\"16\"\/><\/svg>\n          <\/div>\n          <h3>Minimal Footprint<\/h3>\n          <p>Only test accounts you own or have explicit permission to access. Do not modify or delete data beyond what is necessary to prove the issue exists.<\/p>\n        <\/div>\n\n        <div class=\"omp-card\">\n          <div class=\"omp-card-icon\">\n            <svg viewbox=\"0 0 24 24\"><path d=\"M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z\"\/><\/svg>\n          <\/div>\n          <h3>Proof of Concept Only<\/h3>\n          <p>Do not exploit the vulnerability beyond what is needed to prove it exists. No automated scanning, DoS testing, or social engineering of our staff.<\/p>\n        <\/div>\n\n        <div class=\"omp-card\">\n          <div class=\"omp-card-icon\">\n            <svg viewbox=\"0 0 24 24\"><path d=\"M21 15a2 2 0 0 1-2 2H7l-4 4V5a2 2 0 0 1 2-2h14a2 2 0 0 1 2 2z\"\/><\/svg>\n          <\/div>\n          <h3>Clear Reporting<\/h3>\n          <p>Include steps to reproduce, affected endpoints, and an impact assessment. The more detail you provide, the faster we can resolve the issue.<\/p>\n        <\/div>\n\n        <div class=\"omp-card\">\n          <div class=\"omp-card-icon\">\n            <svg viewbox=\"0 0 24 24\"><circle cx=\"12\" cy=\"12\" r=\"10\"\/><polyline points=\"12 6 12 12 16 14\"\/><\/svg>\n          <\/div>\n          <h3>Coordinated Disclosure<\/h3>\n          <p>Please give us 90 days to investigate and remediate before publishing your findings publicly. We will keep you informed throughout the process.<\/p>\n        <\/div>\n\n      <\/div>\n    <\/div>\n  <\/div>\n\n  <!-- SCOPE -->\n  <div class=\"omp-section\">\n    <div class=\"omp-inner\">\n      <p class=\"omp-label\">Scope<\/p>\n      <h2>What's in Scope<\/h2>\n      <p>Please focus your research on the systems listed below. Out-of-scope reports will not be eligible for public recognition on this page.<\/p>\n      <div class=\"omp-scope-grid\">\n        <div class=\"omp-scope-card in\">\n          <h4>\u2713 In Scope<\/h4>\n          <ul class=\"omp-scope-list\">\n            <li>ompay.om, ompay.com and all subdomains<\/li>\n            <li>OMPAY mobile apps (iOS &amp; Android)<\/li>\n            <li>Authentication &amp; session management<\/li>\n            <li>API endpoints and data exposure<\/li>\n            <li>Cross-site scripting (XSS)<\/li>\n            <li>SQL injection and IDOR<\/li>\n            <li>Privilege escalation vulnerabilities<\/li>\n            <li>Server-side request forgery (SSRF)<\/li>\n          <\/ul>\n        <\/div>\n        <div class=\"omp-scope-card out\">\n          <h4>\u2717 Out of Scope<\/h4>\n          <ul class=\"omp-scope-list\">\n            <li>Third-party services and integrations<\/li>\n            <li>Social engineering or phishing attacks<\/li>\n            <li>Denial-of-service (DoS \/ DDoS)<\/li>\n            <li>Physical security testing<\/li>\n            <li>Issues requiring outdated browsers<\/li>\n            <li>Email configuration (SPF, DMARC, DKIM)<\/li>\n            <li>Clickjacking on non-sensitive pages<\/li>\n            <li>Scanner output without proof of concept<\/li>\n          <\/ul>\n        <\/div>\n      <\/div>\n    <\/div>\n  <\/div>\n\n  <!-- CONTACT -->\n  <div class=\"omp-section\">\n    <div class=\"omp-inner\">\n      <p class=\"omp-label\">Contact<\/p>\n      <h2>How to Report<\/h2>\n      <p>Send your findings to our security team. We aim to acknowledge all reports within 48 hours and will provide updates as we work toward a fix.<\/p>\n      <div class=\"omp-report\">\n        <a href=\"mailto:security@ompay.com\" class=\"omp-email-chip\">\n          <svg viewbox=\"0 0 24 24\"><path d=\"M4 4h16c1.1 0 2 .9 2 2v12c0 1.1-.9 2-2 2H4c-1.1 0-2-.9-2-2V6c0-1.1.9-2 2-2z\"\/><polyline points=\"22,6 12,13 2,6\"\/><\/svg>\n          security@ompay.com\n        <\/a>\n        <p>Please include steps to reproduce, affected URLs or endpoints, environment details, and your assessment of potential impact. Encrypted submissions are welcome \u2014 contact us to exchange PGP keys.<\/p>\n        <div class=\"omp-sla\">\n          <div class=\"omp-sla-item\">Acknowledgement <span>\u2264 48 hrs<\/span><\/div>\n          <div class=\"omp-sla-item\">Triage <span>\u2264 5 days<\/span><\/div>\n          <div class=\"omp-sla-item\">Status update <span>\u2264 30 days<\/span><\/div>\n          <div class=\"omp-sla-item\">Coordinated disclosure <span>90 days<\/span><\/div>\n        <\/div>\n      <\/div>\n    <\/div>\n  <\/div>\n\n  <!-- HALL OF FAME -->\n  <div class=\"omp-section\">\n    <div class=\"omp-inner\">\n      <div class=\"omp-hof-top\">\n        <div>\n          <p class=\"omp-label\">Recognition<\/p>\n          <h2>Hall of Fame<\/h2>\n        <\/div>\n        <div class=\"omp-count\"><span id=\"omp-count\">0<\/span> recognised researchers<\/div>\n      <\/div>\n      <p style=\"margin-bottom:24px;\">We thank the following researchers for responsibly disclosing valid vulnerabilities and helping make OMPAY safer for everyone.<\/p>\n\n      <div class=\"omp-table-wrap\">\n        <table class=\"omp-table\" id=\"omp-table\">\n          <thead>\n            <tr>\n              <th>Researcher<\/th>\n              <th>Country<\/th>\n              <th>Year<\/th>\n              <th>Severity<\/th>\n            <\/tr>\n          <\/thead>\n          <tbody id=\"omp-tbody\">\n\n            <tr>\n              <td>\n                <div class=\"omp-researcher\">\n                  <div class=\"omp-avatar\">RR<\/div>\n                  <strong>Raksh Raja\n                    <span class=\"omp-email-small\">nakshraja2015@gmail.com<\/span>\n                  <\/strong>\n                <\/div>\n              <\/td>\n              <td>\ud83c\uddee\ud83c\uddf3 India<\/td>\n              <td><span class=\"omp-yr\">2026<\/span><\/td>\n              <td><span class=\"omp-sev sev-l\">Low<\/span><\/td>\n            <\/tr>\n\n          <\/tbody>\n        <\/table>\n      <\/div>\n    <\/div>\n  <\/div>\n\n<\/div><!-- \/omp-sec -->\n\n<script>\n(function(){\n  var rows = document.querySelectorAll('#omp-tbody tr');\n  var el = document.getElementById('omp-count');\n  if (el) el.textContent = rows.length;\n})();\n<\/script>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>OMPAY Security VulnerabilityDisclosureProgram We take the protection of our customers&#8217; financial data seriously. Found a security issue? Report it to&#8230;<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"elementor_header_footer","meta":{"_eb_attr":"","footnotes":""},"class_list":["post-2386","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Responsible Disclosure - OMPAY<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ompay.om\/ar\/responsible-disclosure\/\" \/>\n<meta property=\"og:locale\" content=\"ar_AR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Responsible Disclosure - OMPAY\" \/>\n<meta property=\"og:description\" content=\"OMPAY Security VulnerabilityDisclosureProgram We take the protection of our customers&#8217; financial data seriously. Found a security issue? Report it to...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ompay.om\/ar\/responsible-disclosure\/\" \/>\n<meta property=\"og:site_name\" content=\"OMPAY\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-29T11:38:52+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u0648\u0642\u062a \u0627\u0644\u0642\u0631\u0627\u0621\u0629 \u0627\u0644\u0645\u064f\u0642\u062f\u0651\u0631\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u062f\u0642\u064a\u0642\u062a\u0627\u0646\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ompay.om\/responsible-disclosure\/\",\"url\":\"https:\/\/ompay.om\/responsible-disclosure\/\",\"name\":\"Responsible Disclosure - OMPAY\",\"isPartOf\":{\"@id\":\"https:\/\/ompay.om\/#website\"},\"datePublished\":\"2026-05-29T08:02:02+00:00\",\"dateModified\":\"2026-05-29T11:38:52+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/ompay.om\/responsible-disclosure\/#breadcrumb\"},\"inLanguage\":\"ar\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ompay.om\/responsible-disclosure\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ompay.om\/responsible-disclosure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ompay.om\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Responsible Disclosure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ompay.om\/#website\",\"url\":\"https:\/\/ompay.om\/\",\"name\":\"OMPAY\",\"description\":\"The Smarter Way To Pay!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ompay.om\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ar\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Responsible Disclosure - OMPAY","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ompay.om\/ar\/responsible-disclosure\/","og_locale":"ar_AR","og_type":"article","og_title":"Responsible Disclosure - OMPAY","og_description":"OMPAY Security VulnerabilityDisclosureProgram We take the protection of our customers&#8217; financial data seriously. Found a security issue? Report it to...","og_url":"https:\/\/ompay.om\/ar\/responsible-disclosure\/","og_site_name":"OMPAY","article_modified_time":"2026-05-29T11:38:52+00:00","twitter_card":"summary_large_image","twitter_misc":{"\u0648\u0642\u062a \u0627\u0644\u0642\u0631\u0627\u0621\u0629 \u0627\u0644\u0645\u064f\u0642\u062f\u0651\u0631":"\u062f\u0642\u064a\u0642\u062a\u0627\u0646"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ompay.om\/responsible-disclosure\/","url":"https:\/\/ompay.om\/responsible-disclosure\/","name":"Responsible Disclosure - OMPAY","isPartOf":{"@id":"https:\/\/ompay.om\/#website"},"datePublished":"2026-05-29T08:02:02+00:00","dateModified":"2026-05-29T11:38:52+00:00","breadcrumb":{"@id":"https:\/\/ompay.om\/responsible-disclosure\/#breadcrumb"},"inLanguage":"ar","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ompay.om\/responsible-disclosure\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ompay.om\/responsible-disclosure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ompay.om\/"},{"@type":"ListItem","position":2,"name":"Responsible Disclosure"}]},{"@type":"WebSite","@id":"https:\/\/ompay.om\/#website","url":"https:\/\/ompay.om\/","name":"OMPAY","description":"The Smarter Way To Pay!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ompay.om\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ar"}]}},"_links":{"self":[{"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/pages\/2386","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/comments?post=2386"}],"version-history":[{"count":88,"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/pages\/2386\/revisions"}],"predecessor-version":[{"id":2482,"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/pages\/2386\/revisions\/2482"}],"wp:attachment":[{"href":"https:\/\/ompay.om\/ar\/wp-json\/wp\/v2\/media?parent=2386"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}