All activity
Rupak Aminleft a comment
Hey Steven — great product! I did a passive security review and found a CORS misconfiguration on your API that reflects any origin. Also, DMARC is p=none which is risky for a chargeback platform. Happy to share a full report with evidence + fixes if you're interested. Reach me at rupak@codevixlabs.com.
CertNode ReflexAI-powered chargeback defense. Pay only when you win.