SSDP multicast leakage across VLAN on GS308EP

I've tested more and I'm now getting confident this is a bug in the switch! 

It sends IP multicast messages between independent VLAN1 to VLAN2. This is an unexpected error. Arbitrary formatted messages with destination address to any IP address of "<224-239>.<1-255>.255.250" to port 1900 are broadcast across the VLANs. The communication works both ways. This can be used to create backdoor communication between any of the 4080 open IPs between the VLANs.

The 239.255.255.250:1900 is used for SSDP which is UPnP protocol for advertising availability of equipment. The described behavior is effectively:

• Sending IP addresses between VLANs
• Sending presence and status of UPnP equipment
• Can be used as a unsolicited data channel between the VLANs

How to repro the error:

1. Configure two independent VLAN 1 and VLAN 2 that share no common ports
2. Insert computer1 (generator) into a VLAN 1 port
3. Insert computer2 (observer) into a VLAN 2 port
4. Computer 1: Send UDP datagram with payload "foobar" to IP 224.255.255.240 UDP port 1900
5. Computer 2: Observe with wireshark the reception of the UDP "foobar" message from IP of computer 1 and destination to selected multicast IP

I've tested a lot of different settings, IGMP on/off, UPnP on/off to no avail. I've tested firmware reset of the device without any resolution.

Where should error reports like this be reported?