We are grateful for any reports of security problems at our service. In case you found something, please contact email@example.com. We will never sue for hacking done in good faith.
We hate sitting on a vuln as much as you do. Nonetheless you'd do us a huge favor if you gave us 7 days after our initial reply before you publish your findings, or 14 days in case you don't receive any answer.
Our code should be good enough that we won't be able to pay you fairly for the time you spent. As a token of appreciation, we will send 250 EUR your way for code execution on the quuxlogging servers or a way to access the stored logs which is not via a correctly authenticated login.