Security is a top priority for us. If you’ve discovered a security vulnerability in Blesta we hope you’ll share it with us in a responsible and discrete manner.
Reporting a Security Vulnerability
If you’ve discovered a potential security vulnerability in Blesta, please email us at. We take matters of security very seriously and will work with you to resolve the issue as quickly as possible.
If your report reveals a previously unknown and undisclosed vulnerability, and you act in good faith, allowing us reasonable time to correct the issue without publicly releasing any information, we’ll credit you by adding your name to this page.
Under no circumstance should you to attempt to test for exploits in any of our live systems. Such an act is malicious, and will be treated as such, whether or not it reveals or exploits any vulnerability.
What Qualifies as a Security Vulnerability
We only consider vulnerabilities with the Blesta software product. Please do not submit vulnerabilities for any third-party software.
Thank you for helping make Blesta better.
- Vlad C. of NetSec Interactive Solutions
- Clifford Trigo (@mrtrizaeron) and Evan Ricafort (@robinhood0x00)
- Nerijus Barauskas at NGnTC
- Kyle at MemoryX2
- Sabri (@pwnsdx)
- Abdellah nadi (https://www.facebook.com/Fatality04)
- Virendra Yadav (https://www.linkedin.com/in/virendra-yadav-9232b115a/)