Thanks for making Button a secure marketplace.
If you're a security expert or researcher and you believe you've discovered a security-related issue with Button's systems or mobile products, we appreciate your help in disclosing the issue to us responsibly. We use HackerOne to manage and reward vulnerability reports.
Button asks the security research community to give us an opportunity to correct a vulnerability before publicly disclosing it. You may submit a report to us by emailing firstname.lastname@example.org with a detailed description of the issue and the steps to reproduce it. Please make a good faith effort to protect our users' privacy and data.
Button is committed to addressing security issues responsibly and in a timely manner.