![]() ![]() Additionally, you also get 1 TB of space for leaving your files online for a little while. The best file transfer software makes it simple and easy to safely and securely share files online with friends, family, or co-workers. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation. WeTransfer Pro starts at 10/month and expands your storage to up to 200 GB. Making file management and transfer easy. This is critically important, so let us emphasise: do not interact with the data in question more than is necessary to notify us.ĭo not reveal the problem to others until it has been resolved.ĭo not use attacks on physical security, social engineering, distributed denial of service (or any attack using large volumes of requests), spam or applications of third parties.ĭo provide sufficient information to reproduce the problem, so we will be able to resolve it as quickly as possible. Submit your findings by using our Responsible Disclosure Form hosted by Zerocopter.ĭo not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data. If you believe you have discovered a security vulnerability in a WeTransfer service, please do the following: In addition, while we welcome disclosure reports from automated tools / scans, we cannot offer a reward. Ideally, a reported vulnerability will be achievable without physical access to a target's device. The iOS and Android WeTransfer applications The following areas are considered in scope: Non-production environments across our product line Integrations and extensions created by third party developers using our public API ![]() a blog hosted on an external service - unless we've configured the blog in such a way as to make our in-scope areas vulnerable) Third party applications we make use of, but do not control. is a U.S-based cloud-native Managed File Transfer (MFT), automation, and integration platform that enables organizations to securely store, transfer, and share files between users, teams, and organizations. Vulnerabilties in our open source software (unless you have a proof of concept of how the specific vulnerability can be used on or related apps).ĭistributed Denial of Service attacks (DDoS) Missing security headers or 'best practices' (except if you are able to demonstrate a vulnerability that makes use of their absence) Spam (unless a specific vulnerability leads to easily sending spam)Īuthentication (or lack thereof) on free transfers Users hosting malware on our service (contact support for this) Policies as opposed to implementations - email verification, password length or reuse, etc.Ībility to upload or download malicious files via Vulnerabilities that require access to an already compromised account (unless access to an account exposes other accounts) The following areas are considered out of scope:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |