{"id":8087,"date":"2020-02-04T14:01:03","date_gmt":"2020-02-04T13:01:03","guid":{"rendered":"https:\/\/www.solvinity.com\/responsible-disclosure\/"},"modified":"2026-03-18T11:59:15","modified_gmt":"2026-03-18T10:59:15","slug":"coordinated-vulnerability-disclosure","status":"publish","type":"page","link":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/","title":{"rendered":"Coordinated Vulnerability Disclosure"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"8087\" class=\"elementor elementor-8087 elementor-8075\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5ddadc2c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5ddadc2c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5dcc8525\" data-id=\"5dcc8525\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3984bad8 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"3984bad8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h1>Coordinated Vulnerability Disclosure<\/h1>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3dc36bb0 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"3dc36bb0\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">At Solvinity the security of our systems is of utmost importance. Despite our attention to security, it may happen that there is a weak spot in one of our systems or in one of our customers\u2019 systems.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">Our policy for responsible disclosure is not an invitation to actively and extensively scan our company network to uncover vulnerabilities. We monitor our company network ourselves.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">If you still find a flaw in our systems, we would like to receive a Coordinated Vulnerability Disclosure (CVD), so we can take measures as soon as possible. We would like to cooperate with you in order to better protect our customers and our systems.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-18e34c98 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"18e34c98\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h6><span class=\"TextRun SCXW54697485 BCX0\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW54697485 BCX0\" data-ccp-parastyle=\"heading 2\">Which vulnerabilities can be reported via a CVD?<\/span><\/span><span class=\"EOP SCXW54697485 BCX0\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;335559738&quot;:200,&quot;335559739&quot;:120}\">\u00a0<\/span><\/h6>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-437f8e80 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"437f8e80\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">Vulnerabilities that pose a risk to system security can be reported to us. Examples include vulnerabilities that enable login forms to be bypassed or provide unauthorized access to databases containing personal information.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">Not every defect in a system constitutes a vulnerability. In general, the following defects do not result in a potential security breach and we therefore kindly request that you do not report such vulnerabilities to us:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">\u00a0<\/span><\/p><ul><li>Defects that do not affect the availability, integrity or confidentiality of data.<\/li><li>The availability of the WordPress xmlrpc.php functionality when its abuse is limited to what is known as a &#8216;pingback denial-of-service&#8217; attack.<\/li><li>The opportunity to use cross-site scripting on a static website or a website that does not process any sensitive (user) data.<\/li><li>The availability of version information, for example via an info.php file. One possible exception in this scenario is when the version information reveals that the system uses software that contains known vulnerabilities.<\/li><li>The lack of HTTP security headers as used by mechanisms such as Cross-Origin Resource Sharing (CORS), unless this lack of a security header demonstrably results in a security problem.<\/li><\/ul><p><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:140,&quot;335559740&quot;:276}\">If you have any doubts about whether the defect you have found constitutes one of the above exceptions, then you can of course still report the defect to us. We will subsequently determine whether the defect constitutes a vulnerability and take appropriate follow-up action. <\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3e1d52ba privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"3e1d52ba\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h6><span class=\"TextRun SCXW197741565 BCX0\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW197741565 BCX0\" data-ccp-parastyle=\"heading 2\">What we ask of you<\/span><\/span><span class=\"EOP SCXW197741565 BCX0\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;335559738&quot;:200,&quot;335559739&quot;:120}\">\u00a0<\/span><\/h6>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3a00fceb privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"3a00fceb\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>E-mail your findings to <a href=\"mailto:security@solvinity.com\">security@solvinity.com<\/a>. Encrypt your findings with our <a href=\"https:\/\/www.solvinity.com\/pgp-key\/\">PGP-key<\/a> (fingerprint 4F90 3393 06A6 674E 9486 5509 7E0B 4A53 0F4D 88ED) to prevent the information falling into the wrong hands.<\/li><li>To not abuse the problem, for instance by downloading more data than necessary to show the leak or to look into, remove or change data of third parties, or introduce malware.<\/li><li>To not share the problem with others until it is solved, and to delete all confidential data that was obtained through the leak as soon as it has been closed.<\/li><li>To not make use of attacks on physical security, social engineering, distributed denial of service, spam or third-party applications.<\/li><li>To give sufficient information to reproduce the problem so we can solve it as soon as possible. Usually the IP-address or the URL of the affected system and a description of the vulnerability is sufficient, but more complex vulnerabilities may require additional information.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1d7eacd3 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"1d7eacd3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h6><span class=\"TextRun SCXW197741565 BCX0\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW197741565 BCX0\" data-ccp-parastyle=\"heading 2\">What we promise you<\/span><\/span><\/h6>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ef00900 privacy-statement-text elementor-widget elementor-widget-text-editor\" data-id=\"ef00900\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>We will respond to your message within 3 business days with our assessment of the issue and an expected date for the solution.<\/li><li>If you have complied with the above-mentioned conditions, then there will be no grounds for legal consequences in relation to your report.<\/li><li>We will treat your notification confidentially and your personal information will not be shared with third parties without your permission, unless this is necessary to fulfill a legal obligation. Reporting under a pseudonym is possible.<\/li><li>We will keep you updated on the progress of the solution of the issue.<\/li><li>In the communication about the reported issue, we will, if you wish, mention your name as the discoverer.<\/li><\/ul><p>We strive to resolve any problems as quickly as possible, and we would like to be involved in any publication about the problem after it is resolved.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Coordinated Vulnerability Disclosure At Solvinity the security of our systems is of utmost importance. Despite our attention to security, it may happen that there is a weak spot in one of our systems or in one of our customers\u2019 systems.\u00a0 Our policy for responsible disclosure is not an invitation to actively and extensively scan our [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-8087","page","type-page","status-publish","format-standard","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Coordinated Vulnerability Disclosure - Solvinity<\/title>\n<meta name=\"robots\" content=\"noindex, nofollow\" \/>\n<meta property=\"og:locale\" content=\"nl_NL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Coordinated Vulnerability Disclosure - Solvinity\" \/>\n<meta property=\"og:description\" content=\"Coordinated Vulnerability Disclosure At Solvinity the security of our systems is of utmost importance. Despite our attention to security, it may happen that there is a weak spot in one of our systems or in one of our customers\u2019 systems.\u00a0 Our policy for responsible disclosure is not an invitation to actively and extensively scan our [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/\" \/>\n<meta property=\"og:site_name\" content=\"Solvinity\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-18T10:59:15+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Geschatte leestijd\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/\",\"url\":\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/\",\"name\":\"Coordinated Vulnerability Disclosure - Solvinity\",\"isPartOf\":{\"@id\":\"https:\/\/www.solvinity.com\/nl\/#website\"},\"datePublished\":\"2020-02-04T13:01:03+00:00\",\"dateModified\":\"2026-03-18T10:59:15+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/#breadcrumb\"},\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.solvinity.com\/nl\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Coordinated Vulnerability Disclosure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.solvinity.com\/nl\/#website\",\"url\":\"https:\/\/www.solvinity.com\/nl\/\",\"name\":\"Solvinity\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.solvinity.com\/nl\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.solvinity.com\/nl\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"nl-NL\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.solvinity.com\/nl\/#organization\",\"name\":\"Solvinity\",\"url\":\"https:\/\/www.solvinity.com\/nl\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\/\/www.solvinity.com\/nl\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.solvinity.com\/wp-content\/uploads\/2019\/08\/solvinity-logo.png\",\"contentUrl\":\"https:\/\/www.solvinity.com\/wp-content\/uploads\/2019\/08\/solvinity-logo.png\",\"width\":344,\"height\":72,\"caption\":\"Solvinity\"},\"image\":{\"@id\":\"https:\/\/www.solvinity.com\/nl\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Coordinated Vulnerability Disclosure - Solvinity","robots":{"index":"noindex","follow":"nofollow"},"og_locale":"nl_NL","og_type":"article","og_title":"Coordinated Vulnerability Disclosure - Solvinity","og_description":"Coordinated Vulnerability Disclosure At Solvinity the security of our systems is of utmost importance. Despite our attention to security, it may happen that there is a weak spot in one of our systems or in one of our customers\u2019 systems.\u00a0 Our policy for responsible disclosure is not an invitation to actively and extensively scan our [&hellip;]","og_url":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/","og_site_name":"Solvinity","article_modified_time":"2026-03-18T10:59:15+00:00","twitter_card":"summary_large_image","twitter_misc":{"Geschatte leestijd":"4 minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/","url":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/","name":"Coordinated Vulnerability Disclosure - Solvinity","isPartOf":{"@id":"https:\/\/www.solvinity.com\/nl\/#website"},"datePublished":"2020-02-04T13:01:03+00:00","dateModified":"2026-03-18T10:59:15+00:00","breadcrumb":{"@id":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/#breadcrumb"},"inLanguage":"nl-NL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.solvinity.com\/nl\/coordinated-vulnerability-disclosure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.solvinity.com\/nl\/"},{"@type":"ListItem","position":2,"name":"Coordinated Vulnerability Disclosure"}]},{"@type":"WebSite","@id":"https:\/\/www.solvinity.com\/nl\/#website","url":"https:\/\/www.solvinity.com\/nl\/","name":"Solvinity","description":"","publisher":{"@id":"https:\/\/www.solvinity.com\/nl\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.solvinity.com\/nl\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"nl-NL"},{"@type":"Organization","@id":"https:\/\/www.solvinity.com\/nl\/#organization","name":"Solvinity","url":"https:\/\/www.solvinity.com\/nl\/","logo":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/www.solvinity.com\/nl\/#\/schema\/logo\/image\/","url":"https:\/\/www.solvinity.com\/wp-content\/uploads\/2019\/08\/solvinity-logo.png","contentUrl":"https:\/\/www.solvinity.com\/wp-content\/uploads\/2019\/08\/solvinity-logo.png","width":344,"height":72,"caption":"Solvinity"},"image":{"@id":"https:\/\/www.solvinity.com\/nl\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/pages\/8087","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/comments?post=8087"}],"version-history":[{"count":8,"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/pages\/8087\/revisions"}],"predecessor-version":[{"id":32017,"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/pages\/8087\/revisions\/32017"}],"wp:attachment":[{"href":"https:\/\/www.solvinity.com\/nl\/wp-json\/wp\/v2\/media?parent=8087"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}