At Criteo we take all security issues and disclosures very seriously. Any information such as the way to reproduce, the tools used with their version and the output, help us investigate and will be greatly appreciated.
Would you need to report a vulnerability in our products or websites, please e-mail firstname.lastname@example.org. We will keep you posted on each change during the mitigation and long-term fix process.
Criteo is running a selective bug bounty program that is subject to rewards when vulnerabilities in the scope of the program are detected and confirmed. Please contact us at email@example.com if you’re willing to join the program.
If you would like to secure your communications with us, please use our GPG key available here.