Helpful Hacker?In the hopes of improving the security of our sites, while also acknowledging the incredible passion our Community has, we have created the Helpful Hacker program.
What is this program for?What this allows you to do is to report product vulnerabilities to Envato. If you believe you have found a general security vulnerability in an Envato product, you can report it using this form We truly appreciate the time taken to do this, and as such, reports received via this channel receive extremely high priority… you can read more about that and the process involved on the program page.
What do we get?
- A better, safer place for the Community
- Our gratitude, and a visible Thank You in the form of a one-of-a-kind badge, which is most likely also the rarest to date.
- Aside from this badge, you will also receive a mention with a link to your social media channel of choice on the “Honour Roll” at We Build Envato Blog
Big ThanksPlease take a moment and join me in thanking and congratulating the first contributors to our program, and also the only 10 users (so far) to have the WhiteHat, Helpful Hacker Badge!
- Kamil Sevi
- Amir Sohail
- Christy Philip Mathew
- Moujahed Jmal
- Mahadev Subedi
- Ahmad Ashraff
- Shpend Kurtishaj
- Abhishek Gahlot
- Janne Ahlberg
- Dejan Marjanovic
Thank you for being awesome guys!
There needs to be a badge for this
How about give us the option to use the site over https? As an author, I don’t mind getting the browser warning sometimes if the whole content isn’t loaded using https. I much rather have that warning instead of my cookies flying as plain text, and anybody can grab them.
Does this includes websites on Themeforest? If so, do XSS and SQL vulnerabilities count on such sites?
If someone could come up with a fake sales that result to sales reversal, this would be really great.