Vulnerabilities found by third-party security scans should go to HackerOne

Last update: Mon Oct 02 2023 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Security

CREATED FOR:

Developer
Admin

This article provides a solution to address vulnerabilities found by third-party security scans.

Affected products and versions

Adobe Commerce (all versions)

Issues

Merchant performed a PEN test through an independent security agency, and a vulnerability was flagged.

Solutions

Vulnerabilities found by third-party security scans should be sent to the HackerOne website. Adobe Commerce does not have a direct point of contact at HackerOne, so you should directly reach out to HackerOne. Adobe only handles the MST (Magento Security Scan tool) report.

recommendation-more-help

8bd06ef0-b3d5-4137-b74e-d7b00485808a