{"id":27560,"date":"2026-01-19T20:36:47","date_gmt":"2026-01-19T19:36:47","guid":{"rendered":"https:\/\/www.5fsoftware.de\/?page_id=27560"},"modified":"2026-03-16T18:58:45","modified_gmt":"2026-03-16T17:58:45","slug":"responsible-disclosure","status":"publish","type":"page","link":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/","title":{"rendered":"Responsible Disclosure"},"content":{"rendered":"<div class=\"fusion-fullwidth fullwidth-box fusion-builder-row-1 fusion-flex-container has-pattern-background has-mask-background nonhundred-percent-fullwidth non-hundred-percent-height-scrolling\" style=\"--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-padding-top:70px;--awb-padding-bottom:20px;--awb-padding-top-small:90px;--awb-padding-bottom-small:80px;--awb-background-color:var(--awb-color1);--awb-flex-wrap:wrap;\" ><div class=\"fusion-builder-row fusion-row fusion-flex-align-items-flex-start fusion-flex-content-wrap\" style=\"max-width:1456px;margin-left: calc(-4% \/ 2 );margin-right: calc(-4% \/ 2 );\"><div class=\"fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-flex-column\" style=\"--awb-bg-size:cover;--awb-width-large:100%;--awb-margin-top-large:0px;--awb-spacing-right-large:1.92%;--awb-margin-bottom-large:73px;--awb-spacing-left-large:1.92%;--awb-width-medium:100%;--awb-order-medium:0;--awb-spacing-right-medium:1.92%;--awb-spacing-left-medium:1.92%;--awb-width-small:100%;--awb-order-small:0;--awb-spacing-right-small:1.92%;--awb-spacing-left-small:1.92%;\"><div class=\"fusion-column-wrapper fusion-column-has-shadow fusion-flex-justify-content-flex-start fusion-content-layout-column\"><div class=\"fusion-title title fusion-title-1 fusion-sep-none fusion-title-center fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:var(--awb-color8);--awb-margin-bottom:50px;--awb-font-size:var(--awb-typography1-font-size);\"><h2 class=\"fusion-title-heading title-heading-center fusion-responsive-typography-calculated\" style=\"font-family:var(--awb-typography1-font-family);font-weight:var(--awb-typography1-font-weight);font-style:var(--awb-typography1-font-style);margin:0;font-size:1em;letter-spacing:var(--awb-typography1-letter-spacing);text-transform:var(--awb-typography1-text-transform);--fontSize:48;line-height:var(--awb-typography1-line-height);\">Responsible Disclosure<\/h2><\/div><div class=\"fusion-text fusion-text-1\"><p><strong style=\"color: var(--awb-color7);\">Last updated:<\/strong><span style=\"color: var(--awb-color7);\"> 19\/01\/2026<\/span><br \/>\n<span style=\"color: var(--awb-color7);\"><br \/>\n<span style=\"color: var(--awb-color7);\"><br \/>\n<\/span><\/span><strong style=\"color: var(--awb-color7);\">Applies to:<\/strong><span style=\"color: var(--awb-color7);\"> 5FSoftware GmbH \u2013 5F Cloud Platform (5f.5fsoftware.de)<\/span><\/p>\n<p><strong style=\"color: var(--awb-color7);\">\u00a0<\/strong><\/p>\n<p><strong style=\"color: var(--awb-color7);\">Purpose<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">The security of our cloud platform is our highest priority. We welcome reports of vulnerabilities and aim to provide a clear and fair process for reporting and remediation.<\/span><\/span><\/p>\n<p><strong style=\"color: var(--awb-color7);\">Contact<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">Please report security vulnerabilities confidentially to:<\/span><\/span><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">Email: <\/span><a style=\"color: var(--awb-color7);\" href=\"mailto:sicherheit@5fsoftware.de\">sicherheit@5fsoftware.de<\/a><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">If possible, please include in your report:<\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">affected URL\/component\/version<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">step-by-step description (PoC)<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">impact assessment (e.g., \u201cIs data access possible?\u201d)<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">logs\/screenshots (preferably without personal data)<\/span><\/li>\n<\/ul>\n<p><strong style=\"color: var(--awb-color7);\">Scope<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">This policy applies to:<\/span><\/span><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">our cloud platform (5f.5fsoftware.de), including associated production subdomains<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">our official apps (iOS and Android)<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">our website (5fsoftware.de)<\/span><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">Out of scope are:<\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">non-production environments such as development, test, or staging systems<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">third-party systems, services, or accounts, as well as external presences (e.g., social media)<\/span><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">If you are unsure whether something is in scope, please ask briefly before taking action.<\/p>\n<p><strong style=\"color: var(--awb-color7);\">Permitted approach (Good Faith)<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">We allow responsible reporting and careful testing in good faith, under the following conditions:<\/span><\/span><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">You do not access or modify third-party data.<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">You do not disrupt operations (no interference\/overload).<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">You perform only minimally invasive tests (as little as possible, as much as necessary).<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">You report the vulnerability promptly and confidentially via the channel above.<\/span><\/li>\n<\/ul>\n<p><strong style=\"color: var(--awb-color7);\">Prohibited activities<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">In particular, the following are not permitted:<\/span><\/span><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">Denial-of-Service (DoS\/DDoS), load tests\/stress tests<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">password guessing, credential stuffing, or automated bulk attempts<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">social engineering, phishing, or exploitation of human factors<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">extracting, modifying, deleting, or exfiltrating data (especially personal data)<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">installing persistence\/backdoors or maintaining access<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">testing outside the defined scope<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">publishing details before we have had the opportunity to remediate (see \u201cCoordinated disclosure\u201d)<\/span><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">If you inadvertently encounter third-party data, please stop immediately and inform us without delay.<\/p>\n<p><strong style=\"color: var(--awb-color7);\">No legal action by us<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">If you comply with this policy and act in good faith, 5FSoftware GmbH will:<\/span><\/span><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">not initiate civil action against you, and<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">not file a criminal complaint insofar as such a complaint is required for prosecution.<\/span><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">This assurance does not apply if:<\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">systems are intentionally disrupted<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">third-party data is accessed, modified, or exfiltrated<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">extortion or \u201cransom\u201d demands are made<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">or tests go significantly beyond what is necessary for verification<\/span><\/li>\n<\/ul>\n<p style=\"color: var(--awb-color7);\">Note: This policy cannot prevent action by authorities (e.g., in cases of particular public interest); it describes our approach as the provider.<\/p>\n<p><strong style=\"color: var(--awb-color7);\">Data handling and confidentiality<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">Please avoid collecting personal data. Where technically unavoidable for assessment, limit it to the minimum and do not send us sensitive content. We treat reports confidentially and use them for analysis, remediation, and prevention.<\/span><\/span><\/p>\n<p><strong style=\"color: var(--awb-color7);\">Response and coordinated disclosure<\/strong><\/p>\n<ul>\n<li><span style=\"color: var(--awb-color7);\">We typically acknowledge receipt of your report within 3 business days.<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">We will inform you about the status where possible.<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">Please publish details only after our response and remediation, or after coordinating with us.<\/span><\/li>\n<li><span style=\"color: var(--awb-color7);\">As a guideline, a period of 90 days from receipt of your report applies; for complex cases, the period can be extended by mutual agreement.<\/span><\/li>\n<\/ul>\n<p><strong style=\"color: var(--awb-color7);\">Bug bounty<br \/>\n<\/strong><span style=\"color: var(--awb-color7);\"><span style=\"color: var(--awb-color7);\">We currently do not offer a bug bounty program. Regardless, we appreciate responsible disclosures.<\/span><\/span><\/p>\n<\/div><\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":17,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"100-width.php","meta":{"footnotes":""},"class_list":["post-27560","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Responsible Disclosure<\/title>\n<meta name=\"description\" content=\"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Responsible Disclosure\" \/>\n<meta property=\"og:description\" content=\"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/\" \/>\n<meta property=\"og:site_name\" content=\"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-16T17:58:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/cropped-5FSignet_dunkelblau_1024x1024.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/\",\"url\":\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/\",\"name\":\"Responsible Disclosure\",\"isPartOf\":{\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#website\"},\"datePublished\":\"2026-01-19T19:36:47+00:00\",\"dateModified\":\"2026-03-16T17:58:45+00:00\",\"description\":\"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)\",\"breadcrumb\":{\"@id\":\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.5fsoftware.de\/en\/5f-cloud-platform-for-data-exchange-and-communication\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Responsible Disclosure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#website\",\"url\":\"https:\/\/www.5fsoftware.de\/en\/\",\"name\":\"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation\",\"description\":\"5F | Die Plattform f\u00fcr Kanzleien und Unternehmen \u2013 zur effizienten und sicheren Zusammenarbeit mit Mandanten, Kunden und Lieferanten.\",\"publisher\":{\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.5fsoftware.de\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#organization\",\"name\":\"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation\",\"url\":\"https:\/\/www.5fsoftware.de\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/5Flogo-blau-1000x1000-1.png\",\"contentUrl\":\"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/5Flogo-blau-1000x1000-1.png\",\"width\":1000,\"height\":1000,\"caption\":\"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation\"},\"image\":{\"@id\":\"https:\/\/www.5fsoftware.de\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.instagram.com\/5fsoftware\/\",\"https:\/\/www.linkedin.com\/company\/5fsoftware-gmbh\/mycompany\/?viewAsMember=true\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Responsible Disclosure","description":"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/","og_locale":"en_US","og_type":"article","og_title":"Responsible Disclosure","og_description":"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)","og_url":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/","og_site_name":"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation","article_modified_time":"2026-03-16T17:58:45+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/cropped-5FSignet_dunkelblau_1024x1024.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/","url":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/","name":"Responsible Disclosure","isPartOf":{"@id":"https:\/\/www.5fsoftware.de\/en\/#website"},"datePublished":"2026-01-19T19:36:47+00:00","dateModified":"2026-03-16T17:58:45+00:00","description":"Meldung von Sicherheitsl\u00fccken (Responsible Disclosure)","breadcrumb":{"@id":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.5fsoftware.de\/en\/responsible-disclosure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.5fsoftware.de\/en\/5f-cloud-platform-for-data-exchange-and-communication\/"},{"@type":"ListItem","position":2,"name":"Responsible Disclosure"}]},{"@type":"WebSite","@id":"https:\/\/www.5fsoftware.de\/en\/#website","url":"https:\/\/www.5fsoftware.de\/en\/","name":"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation","description":"5F | Die Plattform f\u00fcr Kanzleien und Unternehmen \u2013 zur effizienten und sicheren Zusammenarbeit mit Mandanten, Kunden und Lieferanten.","publisher":{"@id":"https:\/\/www.5fsoftware.de\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.5fsoftware.de\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.5fsoftware.de\/en\/#organization","name":"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation","url":"https:\/\/www.5fsoftware.de\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.5fsoftware.de\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/5Flogo-blau-1000x1000-1.png","contentUrl":"https:\/\/www.5fsoftware.de\/wp-content\/uploads\/5Flogo-blau-1000x1000-1.png","width":1000,"height":1000,"caption":"5FSoftware | Plattform f\u00fcr Datenaustausch und Kommunikation"},"image":{"@id":"https:\/\/www.5fsoftware.de\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.instagram.com\/5fsoftware\/","https:\/\/www.linkedin.com\/company\/5fsoftware-gmbh\/mycompany\/?viewAsMember=true"]}]}},"_links":{"self":[{"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/pages\/27560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/comments?post=27560"}],"version-history":[{"count":10,"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/pages\/27560\/revisions"}],"predecessor-version":[{"id":28679,"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/pages\/27560\/revisions\/28679"}],"wp:attachment":[{"href":"https:\/\/www.5fsoftware.de\/en\/wp-json\/wp\/v2\/media?parent=27560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}