If you think you have found a security vulnerability, please send a report to support@reportportal.io. This address can be used for all of ReportPortal's open source libraries . We can accept only vulnerability reports at this address.

Please encrypt your message to us.

ReportPortal Team will send you a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Important: We ask you to not disclose the vulnerability before it have been fixed and announced, unless you received a response from the ReportPortal security team that you can do so.

We maintain announcements of security issues with highest priority via our public channels in Twitter, Slack and Facebook page, where we will post a summary, remediation, and mitigation details for any patch containing security fixes.