Responsible Disclosure of Security Vulnerabilities Web security is constantly evolving; It is our top priority to keep our customer's personal data safe and confidential.

Please act in good faith towards our customer's privacy and data during your disclosure. Orangescrum requests that you don't post or share any information about a potential vulnerability publicly. Also, we respectfully ask that you do not post or share any data belonging to our customers. We will not take legal actions against individuals who act in good faith and responsibly disclose a security issue.

Thank You

We always appreciate your taking the time to help us find and fix security issues.

We would like to thank the following individuals who helped Orangescrum realize and fix security issues.

If you think you've discovered an issue with Orangescrum security measures, please contact us at developer@orangescrum.com. Once we've received your message, we will investigate the issue. If you are interested in helping find the solution, let us know and we will involve you as much as we can.

NOTE: In your disclosure, please include the potential impact with screen-shot if possible, steps to reproduce the issue and page name. Also don't forget to mention your Name, Twitter/Facebook/LinkedIn/G+ ID

user

vikas chopalli

@vikas115m

user

Aditya Agrawal

@exploitprotocol

user

Shivam-Kumar

@netanalysts

user

Maulik Vaidh

@Maulik1827

user

JayvardhanSingh

@Silent_Screamr

user

Cj Legacion

@LegacionCj

user

Tolesh Kumar Jangid

@urstkj

Thank you very much for your contribution!

We appreciate and will try to publish your profile here; we donot provide any monetary compensation. Your help may save our customer!