Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Vulnerability Disclosure Rate Topic   - - - - -

 
  • benjamin
  • Newbie
  • Trial users
  • Join Date: 30-Apr 20
  • 1 posts

Posted 30 April 2020 - 09:42 AM #1

Hello, I have found a moderately severe vulnerability in CS-Cart as part of a penetration test, can you please advise of the email or channel I can disclose this and confirm?



 
  • ikoshkin
  • Tech Writer
  • CS-Cart Architects
  • Join Date: 25-Nov 15
  • 495 posts

Posted 05 May 2020 - 06:09 AM #2

Hello, and thank you for your question. For license owners, the best way to report a security vulnerability is to contact technical support via Help Desk. If you don't have a CS-Cart or Multi-Vendor license, you can use this form. That way, your message will surely reach the right specialist.



 
  • mr_me
  • Newbie
  • Trial users
  • Join Date: 25-Jan 21
  • 2 posts

Posted 25 January 2021 - 05:50 PM #3

This form is quite useless as there is no way to upload reports or share images, etc. This is a poor way to accept security vulnerability reports.



 
  • ikoshkin
  • Tech Writer
  • CS-Cart Architects
  • Join Date: 25-Nov 15
  • 495 posts

Posted 26 January 2021 - 12:41 PM #4

For security vulnerability reports, we now also have a dedicated email address: security@cs-cart.com