Website
Community
Blog
Developer
Rocket.Chat Documentation
Installing and Updating
Getting Support
Development Docs
Guides
User Guides
Rocket.Chat Administrator Guides
Omnichannel Guides
Mobile Guides
Roles in Rocket.Chat
Security and Compliance Guides
Apps Guides
Brand and Visual Guidelines
Contributors
How can I help?
Bug Reporting
Developing
Documenting
Promoting
Security
Responsible Disclosure Policy
Translating
Donate
Contributor Code of Conduct
Google Summer of Code
Google Season of Docs
Github Sponsorship
Rocket.Chat SaaS
Cloud Account
FAQ
Legal
Terms of Service
Master Services Agreement for Self Managed Workspaces
Privacy Policy
Code of Conduct for our services
GDPR
Censorship and Harmful Content
Guidelines for Law Enforcement
Server Lookup
DMCA Policy
Powered by GitBook

Responsible Disclosure Policy

Please submit your findings directly into our Hackerone program. Alternatively you can email the details to Rocket.Chat's security team at [email protected] You will then receive an e-mail with instruction on how to proceed with the disclosure.

Please refrain from requesting compensation for reporting vulnerabilities. If you want we will publicly acknowledge your responsible disclosure on our WhiteHat Hall of Fame. We also try to make the confidential issue public after the vulnerability is announced.

You are not allowed to search for vulnerabilities on Rocket.Chat's Community server. Rocket.Chat is open source software, you can install a copy yourself and test against that. If you want to perform testing without setting Rocket.Chat up yourself please contact us to arrange access to a staging server.

You can find more about how to contribute to our security here.

Previous
Security
Next
Translating
Last updated 11 months ago
Edit on GitHub