Responsibly Disclosing Security Vulnerabilities
The Hikium team is committed to security. It’s very important.
If you have found a legitimate security vulnerability, we strongly encourage you to report the vulnerability to our team.
Step 1: Check vulnerable version and other information
For the Hikium Experience Composer application
- Go to Settings.
- Go to Troubleshooting.
- Note the application version.
Versions 1.0.0 and later are supported. Security vulnerabilities in older versions won’t be addressed.
For vulnerable code exported from Hikium Experience Composer
- On the vulnerable site, navigate to the
/security.txtfile, if available.
- Note the date the code was generated at, and the version of EC the code was exported from.
Code exported from EC versions 1.0.0-beta.1 and later is supported. Security vulnerabilities in older versions won’t be addressed.
For the Hikium marketing website and our open-source libraries
If you’ve found a vulnerability in the Hikium marketing website (
www.hikium.com) or our open-source libraries, just contact us.
Step 2: Report the vulnerability
Next, report the vulnerability to us.
Email us. Currently this is at email@example.com.
We will investigate all legitimate reports and do our best to quickly fix the problem.
Thank you for helping make Hikium products, projects, and services more secure.