The following article explains how you can notify us about a security bug on our platform. If you are looking for information about how to report a Terms of Service violation such as spamming, phishing or inappropriate user conduct, please review this help article.
At Glitch, we take measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, and access. However, no method of transmission over the internet, and no means of electronic or physical storage, is absolutely secure. If you have discovered a potential security vulnerability on our platform, please follow these do’s and dont’s:
Please do:
-
Report your concern to us via our Help Center, or by sending a message to support@glitch.com.
-
Expect us to follow up with you. Our support team will respond to your report within 24 business hours so that we can gather the details and then make sure that you are notified when the issue is resolved.
Please don’t:
-
Compromise your own safety or security by using your private information to validate the bug.
-
Take any action that would further disrupt our service. Just give us the details and our engineers will take it from there.
-
Worry about reporting an invalid concern. We don’t mind hearing from you - even if you are unsure about what you are seeing.
-
Share the vulnerability publicly until we confirm that it has been fixed. After that, you are welcome to document how you helped us identify a valid security bug.
We are super-grateful to our community for helping us keep Glitch friendly, safe, and open! While we don’t have a bug bounty program, we can send you a pack of Glitch stickers to thank you for reporting a verifiable bug.