Skip to content

Security: bigcommerce/catalyst

Security

SECURITY.md

Reporting security issues

BigCommerce is dedicated to the responsible disclosure of security vulnerabilities. If you have found a security vulnerability in an active open-source repository created and owned by BigCommerce, please report it to our public bug bounty program. If you would prefer to submit via email, please send your report to [email protected].

We ask that you do not open a public GitHub issue to report security concerns.

Note: Only submissions to our bounty program on BugCrowd will be eligible for bounties. Bounty eligibility and amounts are determined according to the program guidelines.

Note: Bugs in 3rd-party modules and/or dependencies should be reported to the owners/maintainers or those modules and/or dependencies, BigCommerce has no control or authority over third party content.

Thank you in advance for collaborating with us to help protect us and our customers.

There aren’t any published security advisories