Pax8 Responsible Disclosure
As your security ally, keeping the Marketplace safe is our primary concern, but sometimes vulnerabilities escape detection.
Responsible Disclosure Guidelines
Pax8 appreciates the support of security researchers in the effort to quickly identify and remediate vulnerabilities in a manner that reduces the risk to all stakeholders. To encourage responsible disclosure, we ask that researchers partner with us by using our Responsible Disclosure guidelines.
Comply with all applicable laws and regulations.
Report vulnerabilities to us as quickly as reasonably possible.
Allow Pax8 the opportunity to correct a vulnerability within a reasonable timeframe before publicly disclosing the identified issue.
Make a good faith effort to avoid privacy violations and destruction or interruption of our services.
Do not modify or destroy data that does not belong to you.
Avoid any activity that may impact the availability of the Pax8 Marketplace.
While we appreciate reports, we do not have a formal bug bounty and do not provide financial compensation for vulnerability reports.
Vulerability Disclosure Form
If you believe you’ve discovered a vulnerability in the Pax8 Marketplace, please complete the form. We will respond as quickly as possible, and we ask that you not disclose any information publicly until the issue has been addressed.