How to Report Security Issues
If you discover a security vulnerability or abuse-related bug in any ContactMonkey product, please report it immediately.
Reporting Process
- Contact: support@contactmonkey.com
- Subject line: Include "SECURITY BUG REPORT" for priority handling
What to Include in Your Report
- Product affected: Specify which ContactMonkey product/feature
- Bug description: Clear explanation of the security issue
- Steps to reproduce: Detailed reproduction steps
- Impact assessment: Potential risks or consequences
- Supporting evidence: Screenshots, logs, or proof-of-concept (if safe to share)
Types of Security Issues to Report
- Authentication bypass
- Data exposure vulnerabilities
- Injection attacks (SQL, XSS, etc.)
- Privilege escalation
- Cross-site request forgery (CSRF)
- Email security issues
- API security flaws
- Any abuse mechanisms that could harm users
Alternative Contact Methods
For extremely sensitive issues, you may also reach out to your dedicated Customer Success Manager.