Details
This is Version 3.1 of our Security Policy, last revised on 24th June 2025. | Section added.
NetVibes is committed to fostering open and unrestricted communication, safeguarding user rights to freedom of expression. Platform security and stability are paramount to achieving this objective. Our dedicated security team is prepared to address and resolve any identified vulnerabilities. Complementing our internal expertise and advanced technologies, we actively solicit and appreciate user-reported security flaws. Therefore, we have established a formal vulnerability reporting policy to guide very much appreciated external collaborators in ensuring the safety of NetVibes and security of our platform.
Vulnerability Reporting Policy
• For any questions, concerns, or issues regarding your profile, please click here.
• If a NetVibes account is misusing your brand, it is crucial to take immediate action to protect your reputation and secure intellectual property. This may involve issuing cease and desist letters, seeking legal advice, and monitoring the situation closely to prevent further misuse. You can prevent more issues by clicking contact us and in doing so, you can tell us about your brand and how it is being misused, so we can intervene in investigating the report and shutting the account in question down as soon as possible if needed to prevent further misuse.
If you believe you have discovered a security bug or vulnerability on the NetVibes website, please submit your report here.
Country Restrictions.
We have expanded the list of countries restricted from accessing NetVibes. We are also evaluating additional countries that may be suppliers of armaments or directly enabling ongoing conflicts.
These countries include:
- Iran
- Russia
- Belarus
- China
- North Korea
Access restrictions for these countries will remain in effect until their involvement in these conflicts ceases.
Frequently Asked Questions (FAQ)
What type of issues are considered security vulnerabilities and should be reported?
Please report all technical security vulnerabilities affecting NetVibes here. This includes, but is not limited to the following:
• Vulnerabilities include cross-site scripting (XSS), cross-site request forgery (CSRF), server-side request forgery (SSRF), SQL injection, return-oriented programming (ROP), and jump-oriented programming (JOP). Further risks involve compromised or embedded sensitive credentials, control-flow hijacking vulnerabilities, user data breaches, and unauthorized access to internal NetVibes resources, including backend source code and databases. Critically, arbitrary code execution vulnerabilities exist on both NetVibes servers and clients.
Can I be notified of any updates on a security issue I’ve reported?
The security issues reported will be evaluated based on criticality and business priority and go through our support ticket system accordingly. We will keep you up to date with updates on the ticket created when your security report is made. Please be sure to choose our Security Inquiries department when making your report.