{"id":65192,"date":"2025-09-30T14:46:31","date_gmt":"2025-09-30T14:46:31","guid":{"rendered":"https:\/\/pros.com\/?page_id=65192"},"modified":"2025-09-30T17:18:44","modified_gmt":"2025-09-30T17:18:44","slug":"external-vulnerability-disclosure-policy","status":"publish","type":"page","link":"https:\/\/s28288.pros.com\/de\/trust-security\/external-vulnerability-disclosure-policy\/","title":{"rendered":"Externe Richtlinie zur Offenlegung von Schwachstellen"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"65192\" class=\"elementor elementor-65192\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-765d721 e-con-full e-flex e-con e-child\" data-id=\"765d721\" data-element_type=\"container\" data-e-type=\"container\" id=\"subheader\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t<div class=\"elementor-element elementor-element-6a6b0f25 e-flex e-con-boxed e-con e-child\" data-id=\"6a6b0f25\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-57705f23 elementor-widget elementor-widget-heading\" data-id=\"57705f23\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Trust &amp; Security<\/div>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-1f6aa218 e-flex e-con-boxed e-con e-parent\" data-id=\"1f6aa218\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4bf62b07 e-con-full e-flex e-con e-child\" data-id=\"4bf62b07\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ce6d104 elementor-widget elementor-widget-heading\" data-id=\"ce6d104\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">External Vulnerability Disclosure Policy<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5207d536 elementor-hidden-mobile elementor-toc--minimized-on-tablet elementor-widget elementor-widget-table-of-contents\" data-id=\"5207d536\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;exclude_headings_by_selector&quot;:[],&quot;marker_view&quot;:&quot;bullets&quot;,&quot;icon&quot;:{&quot;value&quot;:&quot;&quot;,&quot;library&quot;:&quot;&quot;},&quot;no_headings_message&quot;:&quot;No headings were found on this page.&quot;,&quot;headings_by_tags&quot;:[&quot;h2&quot;],&quot;minimize_box&quot;:&quot;yes&quot;,&quot;minimized_on&quot;:&quot;tablet&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet_extra&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__header\">\n\t\t\t\t\t\t<div class=\"elementor-toc__header-title\">\n\t\t\t\tTable of Contents\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--expand\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__5207d536\" aria-expanded=\"true\" aria-label=\"Inhaltsverzeichnis \u00f6ffnen\"><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-chevron-down\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z\"><\/path><\/svg><\/div>\n\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--collapse\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__5207d536\" aria-expanded=\"true\" aria-label=\"Inhaltsverzeichnis schlie\u00dfen\"><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-chevron-up\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M240.971 130.524l194.343 194.343c9.373 9.373 9.373 24.569 0 33.941l-22.667 22.667c-9.357 9.357-24.522 9.375-33.901.04L224 227.495 69.255 381.516c-9.379 9.335-24.544 9.317-33.901-.04l-22.667-22.667c-9.373-9.373-9.373-24.569 0-33.941L207.03 130.525c9.372-9.373 24.568-9.373 33.941-.001z\"><\/path><\/svg><\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<div id=\"elementor-toc__5207d536\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<svg class=\"elementor-toc__spinner eicon-animation-spin e-font-icon-svg e-eicon-loading\" aria-hidden=\"true\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M500 975V858C696 858 858 696 858 500S696 142 500 142 142 304 142 500H25C25 237 238 25 500 25S975 237 975 500 763 975 500 975Z\"><\/path><\/svg>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a8b5dd e-con-full e-flex e-con e-child\" data-id=\"a8b5dd\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4b84eaea elementor-widget elementor-widget-heading\" data-id=\"4b84eaea\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">1. Purpose<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-518ae8fc elementor-widget elementor-widget-text-editor\" data-id=\"518ae8fc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tPROS is committed to maintaining the highest standards of security for our software products and services. This\nExternal Vulnerability Disclosure Policy outlines how security researchers, ethical hackers, and external parties can\nresponsibly report vulnerabilities they discover in our systems, ensuring the safety and integrity of our products and\nthe trust of our users. \n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2b4917d8 elementor-widget elementor-widget-heading\" data-id=\"2b4917d8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">2. Scope \n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-799260c elementor-widget elementor-widget-text-editor\" data-id=\"799260c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tThis policy applies to all external parties (researchers, ethical hackers, and other stakeholders) who identify and\nreport vulnerabilities in PROS software products, services, websites, and related infrastructure. It covers all forms of\nvulnerabilities, including but not limited to:\n<ul>\n \t<li>Software applications (web, mobile, desktop)<\/li>\n \t<li>APIs and web services<\/li>\n \t<li>Cloud infrastructure<\/li>\n \t<li>Network services<\/li>\n \t<li>Documentation and public-facing resources<\/li>\n<\/ul>\n<strong>Excluded:<\/strong> This policy does not apply to vulnerabilities discovered in internal systems or any non-publicly accessible\nsystems unless explicitly authorized by PROS.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ef89c46 elementor-widget elementor-widget-heading\" data-id=\"ef89c46\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">3. Definitions<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-74c8ff81 elementor-widget elementor-widget-text-editor\" data-id=\"74c8ff81\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li><strong>Vulnerability:<\/strong> A weakness in the system that can be exploited to compromise the confidentiality, integrity, or\navailability of the system or its data.<\/li>\n<li><strong>Responsible Disclosure:<\/strong> The practice of privately reporting security vulnerabilities to the affected\norganization, allowing them time to address the issue before public disclosure.<\/li>\n<li><strong>Safe Harbor:<\/strong> Legal protections provided to individuals who report vulnerabilities in good faith, preventing\nlegal action by PROS as long as the reporting adheres to the policy.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7ef69ec3 elementor-widget elementor-widget-heading\" data-id=\"7ef69ec3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">4. Policy Statements<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1b788d3a elementor-widget elementor-widget-heading\" data-id=\"1b788d3a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">4.1. Encouragement of Responsible Disclosure <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3a65df54 elementor-widget elementor-widget-text-editor\" data-id=\"3a65df54\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tPROS encourages security researchers and external parties to report vulnerabilities responsibly. We value the\ncontributions of the security community in enhancing the security of our products and services.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-263816cd elementor-widget elementor-widget-heading\" data-id=\"263816cd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">4.2. Legal Safe Harbor \n<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-211c2aef elementor-widget elementor-widget-text-editor\" data-id=\"211c2aef\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tTo protect individuals who report vulnerabilities in good faith, PROS offers safe harbor provisions. PROS will not initiate legal action against them as long as the\nreporter:\n<ul>\n \t<li>Engages in responsible and ethical behavior.<\/li>\n \t<li>Does not perform unauthorized testing or actions beyond what is necessary to discover the vulnerability.<\/li>\n \t<li>Adheres to the guidelines outlined in this policy.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5adb874e elementor-widget elementor-widget-heading\" data-id=\"5adb874e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">4.3. No Authorization to Access<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-117dff18 elementor-widget elementor-widget-text-editor\" data-id=\"117dff18\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tThis policy does not grant permission to conduct security testing or access systems beyond what is necessary to\nidentify and report the vulnerability. Unauthorized access or testing may violate applicable laws.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-297c4ef6 elementor-widget elementor-widget-heading\" data-id=\"297c4ef6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">5. Reporting Process<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-129f1294 elementor-widget elementor-widget-heading\" data-id=\"129f1294\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">5.1. How to Report a Vulnerability<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2a22ad7 elementor-widget elementor-widget-text-editor\" data-id=\"2a22ad7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tVulnerabilities can be reported through the following channels:\n<ul>\n \t<li><strong>Email:<\/strong> <a href=\"mailto:security@pros.com\">security@pros.com<\/a><\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-15eb1b46 elementor-widget elementor-widget-heading\" data-id=\"15eb1b46\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">5.2. Required Information<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-222f8e84 elementor-widget elementor-widget-text-editor\" data-id=\"222f8e84\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tWhen reporting a vulnerability, please include the following information to facilitate timely assessment and\nremediation: \n<ul>\n<li><strong>Contact Information:<\/strong> Your name, email address, and any other relevant contact details.<\/li>\n<li><strong>Description:<\/strong> A clear and detailed description of the vulnerability.<\/li>\n<li><strong>Impact:<\/strong> Potential impact and severity of the vulnerability.<\/li>\n<li><strong>Reproduction Steps:<\/strong> Step-by-step instructions to reproduce the vulnerability.<\/li>\n<li><strong>Proof of Concept:<\/strong> Any code snippets, screenshots, or other evidence demonstrating the vulnerability.<\/li>\n<li><strong>Affected Systems:<\/strong> Specific products, services, or versions affected.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-52bd0cbf elementor-widget elementor-widget-heading\" data-id=\"52bd0cbf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">6. Response and Acknowledgment<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61f1bbdf elementor-widget elementor-widget-heading\" data-id=\"61f1bbdf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">6.1. Initial Acknowledgment<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f3e5bff elementor-widget elementor-widget-text-editor\" data-id=\"f3e5bff\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tUpon receiving a vulnerability report, PROS will acknowledge receipt within 5 business days. The\nacknowledgment will include:\n<ul>\n \t<li>Confirmation that the report has been received.<\/li>\n \t<li>A reference number for tracking.<\/li>\n \t<li>An estimated timeline for further communication.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-706d8330 elementor-widget elementor-widget-heading\" data-id=\"706d8330\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">6.2. Assessment and Remediation<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-391b3033 elementor-widget elementor-widget-text-editor\" data-id=\"391b3033\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tPROS will:\n<ul>\n \t<li>Assess the validity and severity of the reported vulnerability.<\/li>\n \t<li>Prioritize remediation based on the impact and risk.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-600ae015 elementor-widget elementor-widget-heading\" data-id=\"600ae015\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">6.3. Final Communication<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7cb1eae9 elementor-widget elementor-widget-text-editor\" data-id=\"7cb1eae9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tOnce the vulnerability has been addressed, PROS will:\n<ul>\n \t<li>Inform the reporter that it has been resolved.<\/li>\n \t<li>Coordinate public disclosure (if applicable) in a mutually agreed timeframe.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ad2fbb1 elementor-widget elementor-widget-heading\" data-id=\"6ad2fbb1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">7. Recognition and Rewards<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3e8af0d0 elementor-widget elementor-widget-text-editor\" data-id=\"3e8af0d0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tPROS does NOT offer financial compensation for vulnerabilities.  PROS does offer a Certificate of Recognition for all valid vulnerability reports.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3e38b6e4 elementor-widget elementor-widget-heading\" data-id=\"3e38b6e4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">8. Responsible Disclosure Guidelines<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2df8f4a5 elementor-widget elementor-widget-text-editor\" data-id=\"2df8f4a5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\tTo ensure responsible disclosure, reporters should adhere to the following guidelines:\n<ul>\n<li><strong>Do Not Exploit:<\/strong> Do not exploit the vulnerability beyond what is necessary to demonstrate its existence.<\/li>\n<li><strong>Do Not Disclose Publicly:<\/strong> Refrain from publicly disclosing the vulnerability until the Company has had\nsufficient time to address it.<\/li>\n<li><strong>Respect Privacy:<\/strong> Avoid accessing or exposing any user data or private information.<\/li>\n<li><strong>Minimal Impact Testing:<\/strong> Conduct testing in a manner that does not disrupt services or affect other users.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61b06d89 elementor-widget elementor-widget-heading\" data-id=\"61b06d89\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">9. Compliance and Legal Considerations<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-74970153 elementor-widget elementor-widget-text-editor\" data-id=\"74970153\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li><strong>Applicable Laws:<\/strong> Reporters must comply with all applicable local, national, and international laws when\ntesting and reporting vulnerabilities.<\/li>\n<li><strong>Privacy:<\/strong> PROS respects the privacy of all individuals and commits to protecting personal data.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c59e241 elementor-widget elementor-widget-heading\" data-id=\"c59e241\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">10. Contact Information<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-509236ae elementor-widget elementor-widget-text-editor\" data-id=\"509236ae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>For any questions or further assistance regarding this policy, please contact:<\/p><ul><li><strong>Email:<\/strong> <a href=\"mailto:security@pros.com\">security@pros.com<br \/><\/a><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-722bfb83 elementor-widget elementor-widget-text-editor\" data-id=\"722bfb83\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<strong>Thank you for helping us maintain the security and integrity of PROS products and services. Your contributions are\nhighly valued and appreciated.<\/strong>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Trust &amp; Security External Vulnerability Disclosure Policy Table of Contents 1. Purpose PROS is committed to maintaining the highest standards of security for our software products and services. This External Vulnerability Disclosure Policy outlines how security researchers, ethical hackers, and external parties can responsibly report vulnerabilities they discover in our systems, ensuring the safety and [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"parent":62029,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"elementor_header_footer","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-65192","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.1.1) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>External Vulnerability Disclosure Policy | PROS<\/title>\n<meta name=\"description\" content=\"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"External Vulnerability Disclosure Policy\" \/>\n<meta property=\"og:description\" content=\"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines\" \/>\n<meta property=\"og:url\" content=\"https:\/\/s28288.pros.com\/de\/trust-security\/external-vulnerability-disclosure-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"PROS\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/PROSInc\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-30T17:18:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/05\/PROS_logo_512x512.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@PROS_Inc\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/\",\"url\":\"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/\",\"name\":\"External Vulnerability Disclosure Policy | PROS\",\"isPartOf\":{\"@id\":\"https:\/\/s28288.pros.com\/#website\"},\"datePublished\":\"2025-09-30T14:46:31+00:00\",\"dateModified\":\"2025-09-30T17:18:44+00:00\",\"description\":\"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines\",\"breadcrumb\":{\"@id\":\"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/#breadcrumb\"},\"inLanguage\":\"de-DE-formal\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/s28288.pros.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trust &#038; Security\",\"item\":\"https:\/\/s28288.pros.com\/trust-security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"External Vulnerability Disclosure Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/s28288.pros.com\/#website\",\"url\":\"https:\/\/s28288.pros.com\/\",\"name\":\"PROS\",\"description\":\"AI-powered airline retailing and offer management platform\",\"publisher\":{\"@id\":\"https:\/\/s28288.pros.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/s28288.pros.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de-DE-formal\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/s28288.pros.com\/#organization\",\"name\":\"PROS, Inc.\",\"url\":\"https:\/\/s28288.pros.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de-DE-formal\",\"@id\":\"https:\/\/s28288.pros.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/04\/Pros-logo-1.png\",\"contentUrl\":\"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/04\/Pros-logo-1.png\",\"width\":262,\"height\":75,\"caption\":\"PROS, Inc.\"},\"image\":{\"@id\":\"https:\/\/s28288.pros.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/PROSInc\",\"https:\/\/x.com\/PROS_Inc\",\"https:\/\/www.instagram.com\/pros.inc\/\",\"https:\/\/www.linkedin.com\/company\/pros\/\",\"https:\/\/www.youtube.com\/user\/PROSpricing\"],\"diversityStaffingReport\":\"https:\/\/s28288.pros.com\/about-pros\/diversity-and-inclusion\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"External Vulnerability Disclosure Policy | PROS","description":"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"de_DE","og_type":"article","og_title":"External Vulnerability Disclosure Policy","og_description":"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines","og_url":"https:\/\/s28288.pros.com\/de\/trust-security\/external-vulnerability-disclosure-policy\/","og_site_name":"PROS","article_publisher":"https:\/\/www.facebook.com\/PROSInc","article_modified_time":"2025-09-30T17:18:44+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/05\/PROS_logo_512x512.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@PROS_Inc","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/","url":"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/","name":"External Vulnerability Disclosure Policy | PROS","isPartOf":{"@id":"https:\/\/s28288.pros.com\/#website"},"datePublished":"2025-09-30T14:46:31+00:00","dateModified":"2025-09-30T17:18:44+00:00","description":"PROS\u2019 External Vulnerability Disclosure Policy outlines how to responsibly report security issues, with safe harbor protections and clear reporting guidelines","breadcrumb":{"@id":"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/#breadcrumb"},"inLanguage":"de-DE-formal","potentialAction":[{"@type":"ReadAction","target":["https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/s28288.pros.com\/trust-security\/external-vulnerability-disclosure-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/s28288.pros.com\/"},{"@type":"ListItem","position":2,"name":"Trust &#038; Security","item":"https:\/\/s28288.pros.com\/trust-security\/"},{"@type":"ListItem","position":3,"name":"External Vulnerability Disclosure Policy"}]},{"@type":"WebSite","@id":"https:\/\/s28288.pros.com\/#website","url":"https:\/\/s28288.pros.com\/","name":"die intelligente Preisverwaltung von PROS integrieren,","description":"AI-powered airline retailing and offer management platform","publisher":{"@id":"https:\/\/s28288.pros.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/s28288.pros.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de-DE-formal"},{"@type":"Organization","@id":"https:\/\/s28288.pros.com\/#organization","name":"PROS, Inc.","url":"https:\/\/s28288.pros.com\/","logo":{"@type":"ImageObject","inLanguage":"de-DE-formal","@id":"https:\/\/s28288.pros.com\/#\/schema\/logo\/image\/","url":"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/04\/Pros-logo-1.png","contentUrl":"https:\/\/s28288.pros.com\/wp-content\/uploads\/2025\/04\/Pros-logo-1.png","width":262,"height":75,"caption":"PROS, Inc."},"image":{"@id":"https:\/\/s28288.pros.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/PROSInc","https:\/\/x.com\/PROS_Inc","https:\/\/www.instagram.com\/pros.inc\/","https:\/\/www.linkedin.com\/company\/pros\/","https:\/\/www.youtube.com\/user\/PROSpricing"],"diversityStaffingReport":"https:\/\/s28288.pros.com\/about-pros\/diversity-and-inclusion\/"}]}},"_links":{"self":[{"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/pages\/65192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/comments?post=65192"}],"version-history":[{"count":3,"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/pages\/65192\/revisions"}],"predecessor-version":[{"id":65219,"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/pages\/65192\/revisions\/65219"}],"up":[{"embeddable":true,"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/pages\/62029"}],"wp:attachment":[{"href":"https:\/\/s28288.pros.com\/de\/wp-json\/wp\/v2\/media?parent=65192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}