Where to report vulnearbilities?
-
On 28/05/2018 at 02:44, xxxxxxxx wrote:
Hello PluginCafe,
so yesterday I was thinking about how I could make my plugins more secure.
After a while I got to the exact opposite where I tried to "crack" my own plugin to see how secure they where. And I found a major vulnearbility within Cinema4D. With that I mean that I was able to get the complete source-code of a encrypted python plugin.
I won't go into detail now, for obvious reasons, but what I want to know is where to report such cases to?The normal Maxon support?
Or is there a specific place to report to? Since it is largly plugin related I thought I ask here.Best regards,
Florian -
On 29/05/2018 at 06:56, xxxxxxxx wrote:
Hello Florian,
as our user documentation mentions, the source protection is not a 100% secure encryption. To quote the docs: "It offers low-level protection, which can be circumvented by those with corresponding technical know-how."
That said, you may still have found an undesired issue. In this case feel free to simply write us an email ([email protected]) describing the issue in more detail.