Reach out to firstname.lastname@example.org, if you have found any potential vulnerability in our products meeting all the below mentioned criteria. You can expect a confirmation from our security team in about 24 hours of submission.
You can also report bugs online below, using the "Report" button.
Please refrain from doing security testing in existing customer accounts.
When conducting security testing, make sure not to violate our privacy policies, modify/delete unauthenticated user data, disrupt production servers, or to degrade user experience.
You’re allowed to disclose the discovered vulnerabilities only to email@example.com. Documenting any potential In/Out of scope vulnerability to the public is against our responsible disclosure policy.
We encourage you to encrypt your message with our public key to ensure that it it remains safe in transit.
All bugs that are reported are qualified based on its impact on customer’s production data.
We will consider other security vulnerabilities if it is making an impact and exploitable with a working non-intrusive POC.
Freshworks will define the severity of the issue based on the impact and the ease of exploit.
|Acknowledgement||Within 24 hours|
|Time taken to resolve||Based on the Severity|
We want to thank and recognize the following individuals who have responsibly disclosed one or more security vulnerabilities in the Freshworks suite of products and are enabling us to better serve our customers.