At Freelancer, we do our absolute best to ensure that our website is as secure as possible. Keeping up with the latest in web security can be a daunting task and new vulnerabilities can appear in new and old products. Freelancer has an amazing community of very skilled users, particularly amongst the highly technical freelancers. We encourage users who find security vulnerabilities to report them to us as soon as possible.
This includes any type of denial of service attack, viewing another user's data without authorization or modifying data without authorization.
Please only send valid security vulnerabilities to this e-mail address, all other requests will be ignored (e.g. for support). If you wish to encrypt your submission, you may do so using the PGP public key found at: https://www.freelancer.com/info/WhitehatsPGP.txt
Freelancer recognizes the importance of security researchers who contribute to the security of our website. To encourage bug reports to submit vulnerabilities to us, we will commit to not bringing a private action nor refer the matter for public inquiry against a bug reporter who follows these guidelines:
Researchers who successfully report a vulnerability may choose to be awarded in the following ways: