JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.
Responsible Disclosure Form
Thinking Machines accepts vulnerability reports through this form.
Before submitting, please read our Responsible Disclosure Policy:
https://thinkingmachin.es/disclosure
We also accept emails at
security@thinkingmachin.es
and can engage in back-and-forth conversations there.
Sign in to Google
to save your progress.
Learn more
* Indicates required question
Reporter Email Address
You may share your email address so that we can contact you about your report as necessary.
Your answer
Summary
*
One line description of the bug or vulnerability (Please include CVE# if applicable)
Your answer
Technical Severity
*
The Vulnerability Rating Taxonomy is the baseline guide used for classifying technical severity. For reference:
https://bugcrowd.com/vulnerability-rating-taxonomy
Application-Level Denial-of-Service (DoS)
Automotive Security Misconfiguration
Broken Access Control (BAC)
Broken Authentication and Session Management
Broken Cryptography
Client-Side Injection
Cross-Site Request Forgery (CSRF)
Cross-Site Scripting (XSS)
External Behavior
Indicators of Compromise
Insecure Data Storage
Insecure Data Transport
Insecure OS/Firmware
Insufficient Security Configurability
Lack of Binary Hardening
Mobile Security Misconfiguration
Privacy Concerns
Sensitive Data Exposure
Server Security Misconfiguration
Server-Side Injection
Unvalidated Redirects and Forwards
Using Components with Known Vulnerabilities
Other:
Required
URL / Location of Vulnerability
For example:
https://secure.server.com/some/path/file.php
Your answer
Vulnerability Details
*
Give a detailed description of the steps needed to reproduce the vulnerability. (Links to proof of concept scripts or screenshots are helpful.)
Your answer
Is there anything else we should know?
Your answer
Submit
Clear form
Never submit passwords through Google Forms.
This form was created inside of Thinking Machines Data Science.
Report Abuse
Forms