myBASFWorld
[object Object]
Responsible disclosure statement

myBASFWorld

Responsible disclosure statement

BASF investigates all reports of security vulnerabilities affecting BASF web presence. If you are a security researcher and believe you have found a security vulnerability, please send an e-mail to us at BASF Responsible Disclosure.

Our guidelines

  • Give us enough details to reproduce the vulnerability

  • Allow us a reasonable amount of time to fix the vulnerability before making any information public

  • Avoid data deletion, unauthorized data access, and service disruption while testing the vulnerability you found

  • Do not ask for compensation for your report
     

Our commitment

  • We will let you know when we received your report

  • We will give you an estimate of how long the fix will take

  • We will tell you when we have fixed the vulnerability
     

Our thanks

If your vulnerability report is valid and you would like to be recognized for your contribution, we will gladly add you to our “Heroes of BASF” list, by name or anonymously. We will only add you to our “Heroes of BASF” list, if this is explicitly requested by you.

Heroes of BASF

The following researchers have helped us identify and fix vulnerabilities. Thanks to all!