Ask the Post
Vulnerability Disclosure Policy
By Washington Post Staff
May 13, 2021 at 4:51 p.m. EDT
As a global leader in media as well as SaaS for publishing, The Washington Post embraces responsible software development norms. To support a healthy internet ecology, we are sharing our Vulnerability Disclosure Policy. This policy describes the submission process for security researchers wanting to share their findings with our engineering teams.
Support our journalism. Subscribe today.
Our commitment to independent researchers:
Our request:
Out-of-scope:
In-Scope Examples:
BOLAs/IDORs, OWASP API Top 10, multi-stage logic flaws, account enumerations and iteration flaws, XML injections, auth problems, cloud data leakages, critical software version flaws, provable RFIs/LFIs, upload exploits, WAF bypasses.
Below you will find a form where you can submit your findings. Please include accurate and detailed findings to facilitate faster validation. Thank you and happy hunting!
MORE FROM THE POST
Is NBC to blame for Simone Biles’s Olympic withdrawal?
Opinion·August 2, 2021
Carolyn Hax: Should you break up with a boyfriend you care about but don’t love?
Perspective·Today at 12:00 a.m. EDT
CDC study shows three-fourths of people infected in Massachusetts coronavirus outbreak were vaccinated but few required hospitalization
July 30, 2021
Kim Jong Un’s mysterious head bandage fuels further speculation about his health
Today at 7:43 a.m. EDT
Don’t ask whether we should leave Afghanistan. Ask why we didn’t win.
Opinion·Today at 7:45 a.m. EDT
Comments are not available on this story.
Have a question about our commenting policies? Review our community rules orcontact the commenting team.

Today's Headlines
The most important news stories of the day, curated by Post editors and delivered every morning.
washingtonpost.com
© 1996-2021 The Washington Post
Contact the Newsroom
Contact Customer Care
Request a Correction
Send a News Tip
Report a Vulnerability
Download the Washington Post App
Policies & Standards
Terms of Service
Privacy Policy
Print Products Terms of Sale
Digital Products Terms of Sale
Submissions & Discussion Policy
RSS Terms of Service
Ad Choices
Skip to main contentDemocracy Dies in DarknessGet one year for $29