Submit a Security Report
If you've found a vulnerability or security issue in MODX CMS or one of our web properties, please use the form below to responsibly disclose as follows:
- Select the website or product that this report applies to
- Create separate reports for each issue or site
- If you have attachments to send us, you may submit those after we respond
MODX, MODX Cloud Websites or MODX CMS
Security reports for MODX and MODX Cloud web properties will be handled via our support and engineering teams. Security reports for MODX Revolution CMS will notifiy the team for the open source project.
A Note on MODX Evolution
MODX Evolution is now an independent project renamed Evolution CMS. Security reports may be made on the Evo.im website.
We do not currently have a bug bounty program. Each report is handled on a case-by-case basis.