Vulnerability Reporting

If you believe you’ve discovered a security vulnerability on or within an eGain service, or application, we encourage you to inform us as soon as possible. We ask that you keep such reports private until we’ve resolved the issue. If you would like to report a vulnerability or have a security concern regarding eGain services, please submit the information using the form below.

eGain will respond to your submission within 2 business days, confirming receipt of the reported vulnerability and will keep you up to date on progress of the reported vulnerability.

eGain will work to validate the reported vulnerability. If additional information is required to validate or reproduce the issue, eGain may ask for further information from you. When the initial investigation is complete, results will be delivered to you along with a plan for resolution and if applicable a plan for public disclosure. If the issue cannot be validated or not within the eGain services, this information will be shared with you.

Public Notification

If applicable, eGain will coordinate public notification of any validated vulnerability with you.
In order to protect our customers, eGain requests that you do not share any information about a potential vulnerability in any public setting until we have researched, responded to, addressed the reported vulnerability, and informed customers if needed. Also, we respectfully ask that you do not post or share any data belonging to our customers. Addressing a valid reported vulnerability will take time, and the timeline will depend upon the severity of the vulnerability and the affected systems.

Submission Form

Help us get an idea of what this vulnerability is about.
Click or drag files to this area to upload. You can upload up to 4 files.
Image and document format allowed. 5 MB limit per file.

Skip to content