Guidelines for Responsible Disclosure at Knowledgeworker

Modified on Thu, 10 Oct at 1:48 PM

The security of our products and services at Knowledgeworker is our highest priority. To ensure the integrity of our systems and proactively respond to vulnerabilities, we rely on responsible disclosure by external security experts. These guidelines are intended to clearly define the process for reporting and handling security vulnerabilities.

Reporting Vulnerabilities

Contact Information

If you have identified a potential vulnerability in our systems, please contact us via the following email address:


Email: disclosure (at) knowledgeworker.com


We typically respond to your message within a few hours on weekdays in Germany. Please note that there may be longer response times due to public holidays, for example.

What Information We Need

Please provide a clear and precise step-by-step guide on how we can reproduce the vulnerability. Indicate how the system's behavior differs from your expectation. If possible and necessary, supplement your description with screenshots or other media. Please also include, if applicable, the products used, software versions, or technical tools used to reproduce the issue.

Please submit your report in either German or English.

Which Vulnerability Reports and Attacks Are Prohibited

Reports that are not permitted under this policy include reports of usability issues, typos, user misbehavior, or reports concerning third-party products. Additionally, social engineering, DDoS attacks, brute-force attacks, installing malware, or altering the system in any way, such as copying, deleting, or changing data, are strictly prohibited. Please also refer to the Terms of Use of Knowledgeworker.

If you are experiencing technical problems using Knowledgeworker, please contact Support.

How Your Report Will Be Handled

Once we receive your vulnerability report, we will take all necessary steps to investigate with the goal of quickly and transparently addressing the described security issue.

During the investigation, remediation, and deployment of updated software components, we will keep your report confidential and not make it publicly available.

We kindly ask you to keep all communications regarding the vulnerability confidential to ensure mutual trust and flexibility as we work together to release an update and, if necessary, give our customers time to update their software systems.

We will publicly announce the vulnerability on our Security Updates page and mention the individual(s) who reported the vulnerability, unless the researcher(s) wish to remain anonymous.


Sie haben noch kein Autorentool zur Erstellung von Onlinekursen? Erfahren Sie, wie Sie mit Knowledgeworker Create interaktive Lerninhalte erstellen.
Don't have an authoring tool for creating online courses yet? Learn how to create interactive learning content with Knowledgeworker Create.
Sie haben noch kein Lernmanagementsystem? Werfen Sie einen Blick auf Knowledgeworker Share.
Don't have a learning management system yet? Have a look at Knowledgeworker Share.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article