JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
We take security here in JotForm very seriously. All of the submissions are using SSL.
The forms and submissions are transmitted securely with a 256 bit high-grade encryption. It means that the data is encrypted during the transmission and cannot be interrupted by anyone else. We have a SSL certificate that uses SHA256 /w RSA. (https://www.ssllabs.com/ssltest/analyze.html?d=secure.jotform.com)
We have bug bounty programs where we pay outside parties for reporting vulnerabilities in our system. Our servers are protected by private networks and constantly updated and patched.
Please check our FAQ: https://www.jotform.com/faq#18
If you have any specific questions about security, please let us know. We are more than happy to answer them. Thank you.
When a user fills out a textfield or textbox on a form, they could embed malicious script in the text, which could potentially result in a hack to our systems.
How does Jotform guard against Cross Site Scripting attacks? Are you OWASP (Open Web Application Security Project) certified ?
I created a separate thread for your question, here's the link: https://www.jotform.com/answers/1004940.