Vulnerability Disclosure Form
1. Reporter Information
Full Name
*
Organisation / Affiliation (if applicable)
*
Email Address
*
Phone Number
Country
*
-- Please select --
Afghanistan
Albania
Algeria
Andorra
Angola
Antigua and Barbuda
Argentina
Armenia
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bosnia and Herzegovina
Botswana
Brazil
Brunei
Bulgaria
Burkina Faso
Burundi
Cabo Verde
Cambodia
Cameroon
Canada
Central African Republic
Chad
Chile
China
Colombia
Comoros
Congo (Congo-Brazzaville)
Costa Rica
Croatia
Cuba
Cyprus
Czechia (Czech Republic)
Denmark
Djibouti
Dominica
Dominican Republic
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Eswatini (Swaziland)
Ethiopia
Fiji
Finland
France
Gabon
Gambia
Georgia
Germany
Ghana
Greece
Grenada
Guatemala
Guinea
Guinea-Bissau
Guyana
Haiti
Honduras
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Jamaica
Japan
Jordan
Kazakhstan
Kenya
Kiribati
Kuwait
Kyrgyzstan
Laos
Latvia
Lebanon
Lesotho
Liberia
Libya
Liechtenstein
Lithuania
Luxembourg
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Mauritania
Mauritius
Mexico
Micronesia
Moldova
Monaco
Mongolia
Montenegro
Morocco
Mozambique
Myanmar (Burma)
Namibia
Nauru
Nepal
Netherlands
New Zealand
Nicaragua
Niger
Nigeria
North Korea
North Macedonia
Norway
Oman
Pakistan
Palau
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Poland
Portugal
Qatar
Romania
Russia
Rwanda
Saint Kitts and Nevis
Saint Lucia
Saint Vincent and the Grenadines
Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
South Korea
South Sudan
Spain
Sri Lanka
Sudan
Suriname
Sweden
Switzerland
Syria
Tajikistan
Tanzania
Thailand
Timor-Leste
Togo
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Tuvalu
Uganda
Ukraine
United Arab Emirates
United Kingdom
United States
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Yemen
Zambia
Zimbabwe
Preferred Method of Communication
*
Please select
Email
Phone
Secure messaging
Would you like to remain anonymous in public acknowledgements?
*
Please select
Yes
No
2. Vulnerability Information
Title of the Vulnerability
Type of Vulnerability
Please select
Cross-Site Scripting (XSS)
SQL Injection
Authentication Bypass
Remote Code Execution
Information Disclosure
Misconfiguration
Denial of Service
Other (please specify)
Please Specify
*
Severity Level (if known)
Please select
Low
Medium
High
Critical
Unknown
Date Vulnerability Discovered
3. Affected System or Organisation
Name of Organisation or Service Affected
Sector
Please select
Government
Financial Services
Telecommunications
Healthcare
Energy
Critical Infrastructure
Private Sector
Other
Please Specify
*
Affected Website / System / Application
URL or IP Address (if applicable)
Software / Product / Vendor (if known)
Version Number (if known)
4. Vulnerability Description
Detailed Description of the Vulnerability
Steps to Reproduce the Vulnerability
Impact of the Vulnerability
Please select
Data exposure
Account takeover
System compromise
Service disruption
Other
Please Specify
*
Potential Risk Level
5. Evidence and Supporting Information
Proof of Concept (PoC)
OR
Screenshots or Logs
References (if related to known vulnerabilities such as CVE)
6. Disclosure Status
Has this vulnerability been reported elsewhere?
*
Please select
Yes
No
Has the organisation/vendor already been notified?
*
Please select
Yes
No
Has the vulnerability been publicly disclosed?
*
Please select
Yes
No
Do you agree to follow responsible disclosure guidelines?
*
Please select
Yes
No
7. Declaration and Ethical Commitment
*
I confirm that this vulnerability was discovered through lawful and ethical means and that I have not exploited the vulnerability for personal gain. I agree to follow the Coordinated Vulnerability Disclosure guidelines of CERT-MU.
