Vulnerability Disclosure Program (VDP)

Forfront is committed to protecting our customers, as part of our continuous security improvements, we have established a security program ("Program") for users to report security-related issues associated with the e-shot Platform ("Platform") to us. If you believe you have found a vulnerability or issue and would like to participate in our Program, we ask that you submit a detailed description of the issue to us, including the steps that we can take to reproduce the issue and/or a proof-of-concept ("Report"). 

Once you submit a Report to us, please allow our team a reasonable amount of time to respond to your Report and correct the issue. We appreciate your efforts to protect our Platform. All Reports are subject to the terms and conditions ("Terms") of our Program, set forth below, and with the Terms of Services available on the Platform.

Report a security issue

First, please let us know which you are:

I'm an e-shot customer
I'm a security researcher

*Bugcrowd Vulnerability Rating Taxonomy

The Forfront “Report a Security Issue” form is intended only for notifying us of security-related issues associated with our e-shot platform. If you have an inquiry about placing an order, account access, or technical support, then please contact our Customer Success team directly. Thank you! 

Responsible Disclosure Policy 

Forfront is committed to protecting our Platform and has established a security program ("Program") for users to report security-related issues associated with our e-shot platform ("Platform") to us. If you believe you have found a vulnerability or issue and would like to participate in our Program, we ask that you submit a detailed description of the issue to us, including the steps that we can take to reproduce the issue and/or a proof-of-concept ("Report"). Once you submit a Report to us, please allow our team a reasonable amount of time to respond to your Report and correct the issue. We appreciate your efforts to protect our Platform. All Reports are subject to the terms and conditions ("Terms") of our Program, set forth below, and with the Terms of Services available on the Platform. 

 

Eligibility 

The Program is open to individuals who are 18 years of age or older (or the age of majority in your jurisdiction of residence, whichever is older), provided that users who access our Platform from any country against which the United Kingdom has issued export sanctions or other trade restrictions are not eligible to participate in the Program. The Program is void wherever prohibited or restricted, and is subject to all local laws. You must comply with all applicable laws during your participation in the Program, including but not limited to those regarding the transmission of technical data exported from the United Kingdom or the country from which you access our Platform. Forfront shall have the right at any time to change or discontinue any aspect or feature of the Program. 

 

Scope 

We invite and welcome Reports on any security-related issue or vulnerability that you may find on our Platform. However, please do not resort to phishing, spamming and other questionable methods that may harass our users or compromise their data, generate significant volumes of traffic, or cause disruption to our Platform. 

 

Ownership and Incentive 

Any Report that you submit to us will become our property, and we are under no obligation to act on a Report. However, if we do act on a Report, we may in our sole discretion extend monetary or non-monetary compensation ("Reward") to you as a gesture of our appreciation for helping out Forfront and the Platform. You will be responsible for any local taxes and any expenses, costs, or fees associated with your participation in the Program and any Reward. 

 

Warranty Disclaimers 

YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT: (1) YOUR PARTICIPATION IN THE PROGRAM AND USE OF ANY REWARD IS AT YOUR SOLE RISK. FORFRONT EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. Forfront SPECIFICALLY DISCLAIMS ANY LIABILITY WITH REGARD TO ANY ACTIONS RESULTING FROM YOUR PARTICIPATION IN THE PROGRAM OR USE OF ANY REWARD. 

 

Final Note 

We ask that you follow principles of responsible disclosure and give the Forfront security team a reasonable amount of time to respond to and correct the submitted issue before you make it public. We ask you to remain open in communicating with us regarding any public disclosure so that we're in agreement on the report and timelines.