We will work with you to validate and fix any reported vulnerabilities in accordance with our commitment to security and privacy. We require that you keep such potential vulnerabilities confidential and do not publicly disclose them.
Discovering Security Vulnerabilities
We encourage responsible security research of the Cvent services and products to which you have authorized access. In no event shall your research involve:
- Any attempt to modify or delete any data
- Accessing, downloading, modifying, or attempting to access, download, or modify accounts and data that does not belong to you
- Executing, or attempting to execute, a denial of service (DOS) or distributed denial of service (DDOS) attack
- Sending, or attempting to send, unsolicited or unauthorized email, spam, or other forms of unsolicited messages
- Testing third party websites, applications, or services that integrate with Cvent services
- Posting, transmitting, uploading, linking to, sending or storing malware, viruses or similar harmful software, or otherwise attempting to interrupt or degrade Cvent services
- Any activity that violates any applicable law
Reporting Security Vulnerabilities
If you believe you have discovered a security vulnerability, please share the details with us by filling out the form below. The Cvent Security team will acknowledge receipt of each reported vulnerability, conduct a thorough investigation, and then take appropriate action for resolution. Please note that such reported vulnerability should not be publicly disclosed or previously reported to us.