Security Policy

Please find below our security policy.

Vulnerability Reporting

The security of our modules and our customers is paramount.

This is why we encourage security researchers to conduct analyses on our modules and to report any identified vulnerabilities to us, in accordance with responsible disclosure best practices.

We are committed to identifying and correcting any vulnerabilities, and to communicating transparently with concerned parties throughout the process.

If you believe you have discovered a vulnerability in one of our modules, you can report it to us responsibly via the address: contact@reversia.tech

We invite you to provide us with as much detail as possible (description, impact, affected version, reproduction steps).

Our Vulnerability Management Policy

Our team applies the following principles:

  • Acknowledgment of any relevant report within a maximum of 7 days (CVSS ≥ 4.0).
  • Impact analysis and fix planning within a maximum of 30 days.
  • Publication of a security advisory with CVE if the CVSS score is ≥ 7.5.
  • No fix will be published silently.

At the same time, we make the following commitments to ensure responsible and ethical vulnerability management:

  • Not to prosecute researchers acting in good faith.
  • To guarantee that no confidentiality agreement, including white label agreements, can hinder the transparent publication of a security advisory with CVE identifier, in accordance with state-of-the-art practices.

We are well aware that this transparency is essential to enable concerned third parties (agencies, merchants, etc.) to meet their compliance obligations, particularly within the framework of the PCI-DSS standard or one of its simplified versions, such as SAQ-A.

Publication Authorization

We expressly authorize any company to publish information relating to fixed vulnerabilities in our modules on its official website, in accordance with the commitments of the Responsible Cybersecurity Charter.

This publication includes:

  • A CVE identifier associated with the vulnerability.
  • A security note clearly describing the problem and its resolution.
  • The affected versions and the fixed version.
  • An easy-to-deploy fix when updating is not possible.
  • Any useful information allowing users and agencies to protect themselves quickly.

Last update: August 28, 2025

Reversia - All rights reserved