Security Reports

Submit a Security Report

If you’ve found a vulnerability or security issue in MODX CMS or one of our web properties, please use the form below to responsibly disclose as follows:

  • Select the website or product that this report applies to
  • Create separate reports for each issue or site
  • If you have attachments to send us, you may submit those after we respond

MODX, MODX Cloud Websites or MODX CMS

Security reports for MODX and MODX Cloud web properties will be handled via our support and enginering teams. Security reports for MODX Revolution CMS will notifiy the team for the open source project.

A Note on MODX Evolution

MODX Evolution is now an independent project renamed Evolution CMS. Security reports may be made on the Evo.im website.

Bug Bounty?

We do not currently have a bug bounty program. Each report is handled on a case-by-case basis.

Describe the vulnerablity or issue in as much detail as possible. The more information you provide the more quickly we can resolve the issue.

We use the information you provide in this form solely to assist you with your submission. You may review our Privacy Policy and MODX Website Terms of Service for more information.

Millions Rely on MODX

In 2005, MODX could power a fully mobile-responsive website using HTML5 and CSS3, even though those technologies weren’t invented yet. And with MODX today, you’re ready not only for what you need now but also what comes next.

Try MODX Right Now