Team-digiRunner considers the security of our systems a top priority. Despite our best efforts, vulnerabilities may still exist.
If you discover a serious security vulnerability with a realistic and tested risk assessment, we encourage you to report it to us as soon as possible so we can take immediate action.
CVSS V3 Score rating will be used as priority:
Low - 0.1 - 3.9
Medium 4.0 - 6.9
High - 7.0 - 8.9
Critical - 9.0 - 10.0
CVSS V2 Score rating will be used where no CVSS score is given:
Low - 0.1 - 3.9
Medium 4.0 - 6.9
High - 7.0 - 10.0
To submit a vulnerability please use the following template:
- Name:
- Github ID:
- Vulnerability Severity:
- CVSS Score:
- Exploitable: Y/N
- Detailed report (Stating method, Screenshots, URLs):
- Tools Used:
- Recommended Remediation:
- E-mail your findings to opensourceprogramoffice@tpisoftware.com using the subject "Vulnerability Submission".
-
We will acknowledge receipt of your report within 5 business days..
-
Our security team will investigate the issue and aim to provide an initial response within 5 business days.
-
If necessary, we will work with you to better understand and resolve the vulnerability.
We appreciate your efforts to keep Team-digiRunner secure and value the security research community's contributions.