Reporting discovered security vulnerabilities

matejp
Champ in-the-making

Hello, I discovered a security vulnerability in Alfresco Content Services Enterprise and Community. I tried to disclose it through Hyland Community but I do not have access and therefore can't reach support. Is there any other way to disclose this?

Thank you.

1 ACCEPTED ANSWER

pmcmahon
Champ in-the-making

At this time, non-Hyland customers/partners can report through our Vulnerability Disclosure Program (VDP).

This is found on the Hyland Trust Center (https://security.hyland.com/), labeled "Report a Vulnerability" within the Company Information card.

Customers and Partners should continue to use Hyland Community (work with your Hyland representative if you cannot access).

3 REPLIES

matejp
Champ in-the-making

Thank you for your reply. I checked it out and it should be possible with the link you provided; however, since there was no reply to my question for quite some time, I already reported it through HackerOne. Hope that will also reach the Alfresco team.

Poshysswo
Champ in-the-making

You might try reaching out directly via Hyland’s official contact page or email their security team—many enterprise software companies have a dedicated security disclosure address like security@hyland.com (though you’ll want to verify the exact address). If the vulnerability is serious, you could also submit it via a responsible disclosure platform like HackerOne or Bugcrowd, if Hyland is listed there.

And speaking of security, tools like an ethical IP stresser can help test your own systems for resilience—but always use them responsibly and never against services without permission.