To report a security issue, please email [email protected] with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Please encrypt your findings with Workrise's public PGP key.

Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Please see the Workrise Vulnerability Disclosure Policy for more information.