do you have bugbounty program for your website

  • Profile Image
    shubham 
    Asked on August 05, 2014 at 04:19 PM

    hello....

    do you have bugbounty program for your website ???

    if i report any vulnerability, will i get any reward, swag or any gift ???

  • Profile Image
    david
    Answered on August 05, 2014 at 05:31 PM

    Hi,

    Though we do not currently have a bug bounty program and in fact we have specialist for that, I have forwarded your message to our development team.  As bugs and vulnerabilities are our highest priority, we are always looking for new leads and there may be something we can do.

    Thank you for your interest in helping us out!

  • Profile Image
    Jeanette
    Answered on December 26, 2016 at 05:39 PM

    From now on, please use  this form  to report a vulnerability.

    Thank you.

  • Profile Image
    aquilesbailoyo2
    Answered on January 05, 2017 at 09:32 PM

    Hi jeanette, 

     

    you have a list of bounty rewards ?

     

    thanks

  • Profile Image
    liyam
    Answered on January 06, 2017 at 12:32 AM

    Hello aquilesbailoyo2,

    We do not have a list for bounty rewards. Feel free to submit a vulnerability that you find and we'll get back to you as soon as possible.

    Thanks.

  • Profile Image
    laksha
    Answered on January 22, 2017 at 05:14 PM

    Hello there.

     

    Thank you

  • Profile Image
    liyam
    Answered on January 22, 2017 at 07:38 PM

    Hello laksha,

    I'm not sure I'm following you on your comment with a link to an old thread. If you have found any vulnerability on any part of JotForm, please use this form.

    Thanks.

  • Profile Image
    tayyab qadir 
    Answered on February 06, 2017 at 11:04 AM

    Hi sir i have reported two XSS Filter bypasses via form please have a look on that 
    Thanks
    Regards
    Tayyab Qadir 

  • Profile Image
    ashwin_d
    Answered on February 06, 2017 at 12:45 PM

    Hello Tayyab,

    Have you reported the vulnerabilities by accessing the following URL: https://form.jotform.com/62984139400962

    Someone from our backend team will get back to you shortly.

    Thank you!

  • Profile Image
    tayyab qadir 
    Answered on February 10, 2017 at 07:22 AM

    Yes  sir 
    here is the ID of My report But one week passed no response For these 

    1st XSS Vulnerable report : VULN-2017-02-05-1258
    2nd XSS Vulnerable Report : VULN-2017-02-06-1907
    3rd XSS Vulnerability report :VULN-2017-02-06-2102

    Waiting for that sir Thanks
    :) 

  • Profile Image
    ashwin_d
    Answered on February 10, 2017 at 08:39 AM

    Hello Tayyab,

    Your vulnerability reports have already reached our backend team. I believe someone form our backend team will respond to you directly. 

    Thank you!

  • Profile Image
    Tayyab Qadir 
    Answered on February 10, 2017 at 04:28 PM

    Hope so 

    Cause it almost one week passed and no response that why i was worried 

    But i will wait 😇

  • Profile Image
    david
    Answered on February 10, 2017 at 04:33 PM

    We have been quite a bit busier than usual with the V4 builder launch.  We should hopefully be able to address the issue soon.

  • Profile Image
    Tayyab Qadir 
    Answered on February 11, 2017 at 12:14 AM

    Thanks You sir i'll wait :) 

  • Profile Image
    Sajibe Kanti 
    Answered on February 15, 2017 at 01:43 PM

    hi i am also not getting the replies from security team
    regards
    Sajibe Kanti 

  • Profile Image
    david
    Answered on February 15, 2017 at 02:46 PM

    If you have reported the bug through the following form:

    https://form.jotform.com/62984139400962

    Our team will follow up as soon as they get to your report.

  • Profile Image
    tayyab qadir 
    Answered on March 06, 2017 at 02:24 AM

    Hi Security Team 

    I am Awaiting for the response of My Three XSS Report Which reported via Form More then a month ago 

    Can you tell the current situation whats Going on 
    for these report 


    1st XSS Vulnerable report  :  VULN-2017-02-05-1258 
    2nd XSS Vulnerable Report : VULN-2017-02-06-1907

    3rd XSS Vulnerable Report : VULN-2017-02-06-2102


    Thanks
    Regards
    Tayyab Qadir 

     

  • Profile Image
    Charlie
    Answered on March 06, 2017 at 03:30 AM

    @tayyab qadir

    I have opened a separate thread for your concern. Please refer to this link: https://www.jotform.com/answers/1082508. Thank you.

  • Profile Image
    Tayyab qadir 
    Answered on March 06, 2017 at 05:21 AM

    Ok thanks 

  • Profile Image
    smitgajra007
    Answered on March 10, 2017 at 08:39 AM

    Hi @jotform Team

     

    Have you looked at VULN-2017-03-07-2039 ??

    Hi, just wondering if there's been any update?

     

    Regards,

    Smit Gajra

    Independent Cyber Security Researcher

    hackerone.com/smit

  • Profile Image
    david
    Answered on March 10, 2017 at 11:04 AM

    I am not sure if our devs have had a chance to look at the report at of yet.  They will follow up as soon as they can.

  • Profile Image
    smitgajra007
    Answered on March 21, 2017 at 01:32 PM

    Hi @david

    just wondering if there's been any update about VULN-2017-03-07-2039 ??

    Thanks!

    Smit

     

     

  • Profile Image
    david
    Answered on March 21, 2017 at 02:39 PM

    As soon as the developers have had a chance to address the bug, they will follow up.  Unfortunately, they may not have had a chance to address it yet.

  • Profile Image
    Smit 
    Answered on May 29, 2017 at 09:02 PM

    VULN-2017-05-11-806

    Hi @david

    just wondering if there's been any update about VULN-2017-05-11-806??

    Thanks!

    Smit

     

  • Profile Image
    Chriistian
    Answered on May 29, 2017 at 09:35 PM

    @Smit,

    Please note that you will be contacted with the email address you have provided on the form if there are any updates with your report. 

    Regards.

  • Profile Image
    ashwin_d
    Answered on June 07, 2017 at 08:32 AM

    Hello OneAnasTiger,

    Have you reported the vulnerability in the following form:  https://form.jotform.com/62984139400962

    If you have reported, I am sure someone form our backend team will get back to you soon.

    Thank you!

  • Profile Image
    Charlie
    Answered on August 14, 2017 at 04:36 AM

    @Smit

    Hi, I've opened a separate thread for your concern. You can check it on this link: https://www.jotform.com/answers/1222705. We'll address your concern there shortly.

    Thank you.