Left Background ImageRight Background Image

Report Vulnerabilities


Nobody is perfect – not even us. If you discover a security vulnerability, we would greatly appreciate your help in fixing it. Our priority is to resolve the root cause as quickly as possible and to minimize any potential damage, especially to third parties. We value constructive and respectful communication in this process.

So please, let us know if you have discovered a security issue. We do not offer fixed bounties for finding and reporting vulnerabilities but security researchers who help us close significant gaps will be featured in our
Hall of Fame.

Tips for Reporting

We take reports of security vulnerabilities seriously and appreciate any help in closing them. To ensure the process is as smooth and quick as possible, here are some tips for efficiently reporting Crowdee security issues:

  1. To report a vulnerability, fill out our contact form or send an Email to: security@crowdee.com.

  2. Describe as concretely as possible where you found the bug. Provide us with a URL, IP, or any coordinates you have.

  3. Describe exactly what happens when the bug is triggered.

  4. Please explain step by step how we can reproduce it.

  5. It can be helpful to explain why this is a problem or what could potentially happen due to this vulnerability. (Note: We are aware of issues like XSS and their dangers, but sometimes the situation is less clear, and your assessment helps us in evaluating the issue).

  6. Finally, feel free to provide any tips on how we might resolve the problem.

It would be great if you could provide us with an address where we can reach you for any further questions; however, we also accept anonymous tips. Encrypted communication, such as via PGP, is possible upon request.