責任のあるセキュリティの脆弱性の開示

セキュリティの脆弱性を報告する:

security-reporting@freelancer.com

Only security related submissions will be considered. If you wish to encrypt your submission please use the following PGP key.
If you require site-related support please visit the support page.

不正行為を行わないでください

これには、あらゆるタイプのDoS攻撃、他のユーザーのデータを権限無く閲覧すること、データを権限無く改変することが含まれます。

ガイドライン

Freelancer recognizes the importance of researchers who contribute to the security of our website. To encourage bug and vulnerability reports, we will commit to not bringing private action nor public inquiry against researchers who follow these guidelines such that the vulnerability:

  • is reported to Freelancer via the above email as soon as possible
  • is not published elsewhere
  • exists on a domain owned by Freelancer (e.g. *.freelancer.com, freelancer.co.*)
  • is verifiable by the security team

Please include the following information in your submission:

  • a proof-of-concept or demonstration of the vulnerability
  • detailed instructions on how to reproduce the vulnerability
  • an e-mail address we can contact you at

表彰

Vulnerabilities that are deemed especially worthy by the security team may be rewarded in the following ways:

  • a name or company of the researcher's choosing published on the Security Hall Of Fame
  • a special White Hat badge (shown below) awarded to the researcher's Freelancer.com account
Freelancerセキュリティサブミッションガイドライン White Hat Badge