JavaScript Required

Fripr is a modern, high-performance web application that requires JavaScript to function. Please enable JavaScript in your browser settings to continue.

Security First

Security & Responsible Disclosure

At Fripr, we take the security of our platform and users seriously. If you believe you've found a vulnerability, we want to hear from you.

Disclosure Policy

We ask that you follow these guidelines when reporting an issue:

Do no harm: Do not exploit vulnerabilities to access user data, destroy data, or degrade our services.
Give us time: Provide a reasonable amount of time to resolve the issue before disclosing it publicly.
Keep it confidential: Do not share the details of the vulnerability with anyone else until it has been fixed.

In Scope

Authentication & Authorization bypasses
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Server-Side Request Forgery (SSRF)
SQL Injection

Out of Scope

Denial of Service (DoS/DDoS) attacks
Social engineering or phishing
Physical security attacks
Clickjacking on pages with no sensitive actions

Safe Harbor

If you conduct your research in good faith and comply with this policy, we will not initiate or support any legal action against you related to your research. We consider activities conducted consistent with this policy to constitute "authorized" conduct.

Report an Issue

Found a bug? Let our security team know directly.