Responsible Disclosure: Vulnerability Reporting Form

The University of Duisburg-Essen is committed to high security standards, and it is crucial that we are informed of vulnerabilities as early as possible in order to prevent potential damage. That's why we value the expertise and assistance of the cybersecurity community. You help us maintain our high security standards. Please report any suspected security vulnerabilities related to our services or products.

We treat all reports submitted high confidentially. Your personal data will not be passed on to third parties without your consent, unless this is necessary to fulfill legal obligations. It is also possible to submit anonymous reports. All reports submitted will be processed as quickly as possible.

The University of Duisburg-Essen does not operate a bug bounty program.
Individuals who report vulnerabilities can be recognized on our acknowledgment page.

• A contact person at the University of Duisburg-Essen will respond to the person who reported the security vulnerability and get in touch to exchange further information and confirm receipt of the report.
  All details regarding the security vulnerability will be treated as strictly confidential and will only be shared internally and externally as necessary.
• While analyzing the security vulnerability, the University of Duisburg-Essen will continue to work with the reporter to obtain more detailed information and keep them informed of progress, to the extent possible given confidentiality and regulatory requirements. 
• The University of Duisburg-Essen acknowledges reporters on the “Acknowledgments” page. The University of Duisburg-Essen reserves the right to decide on a case-by-case basis whether or not to acknowledge a reporter.