docs(server): add security acknowledgments

Update the public security page to add a dedicated acknowledgments section, align the bug bounty copy with the current disclosure policy, and make it explicit that valid reports can be credited on-page.

How to test locally

• Not run (not requested)

No GitHub comments yet.