Simpplr is committed to protecting Simpplr and its customers from any meaningful security concerns from the use of its services.
Before submitting vulnerability information here, please read our vulnerability disclosure policy (VDP) at https://simpplr.com/vulnerability-disclosure-policy
- We only accept vulnerability reports through this form for the systems that are listed in our VDP.
- We also accept emails at <mailto:security@simpplr.com> and can engage in back-and-forth conversation there. The PGP key is available at https://simpplr.com/pgp-key.txt
By using this form, you agree to:
- Notify us as soon as possible after you discover a real or potential security issue.
- Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction or manipulation of data.
- To the best of our ability, we will confirm the existence of the vulnerability to you and be as transparent as possible about what steps we are taking during the remediation process, including issues or challenges that may delay resolution.
- We will maintain an open dialogue to discuss issues.
You may submit this form to security@simpplr.com. We will acknowledge the receipt of your report within 3 business days.
- Please share your contact information so that we may connect with you about your report
- Please share the Simpplr resource that is impacted by the vulnerability that you are reporting (URL/Hostname/Domain)
- Please describe the vulnerability
- Please share any screenshot(s) that may describe the vulnerability graphically
- Please describe the potential impact of this vulnerability
- Please list the detailed steps to reproduce this vulnerability with supporting screenshots and scripts
- Is there anything else that you would like us to know about?
- (Optional) You may share your email address so that we can contact you about your report.