Report a website vulnerability

A website vulnerability is a weakness that allows an attacker to gain some level of control of a website.

Once found, these vulnerabilities can be exploited to steal data, distribute malicious content, or inject defacement and spam content into the vulnerable site.

We encourage the public to report website vulnerabilities. If you've found or know of any vulnerabilities to any Customs website, please complete the form below.

What will Customs do?

We'll acknowledge receipt of this form as soon as possible and provide an update within seven (7) working days.
We'll assess and validate the reported vulnerability.
If requested, you can be notified of the outcome.
We'll aim to fix vulnerabilities as quickly as practicable.

Customs will not seek legal recourse for any reported vulnerabilities unless the vulnerability is:

Used to change, deface or destroy the website.
Used to corrupt or destroy data.
Used to access or share any information that does not belong to the reporter.
Reported to others so it may be exploited for malicious intent.
Used to undertake ‘Denial of Service’ attacks.

Vulnerability reporting

Description of vulnerability

What were you doing at the time?

Which web browser and version were you using?

What did the end result of the vulnerability look like?

Do you know if any previously unpublished information was exposed? If so, what was it?

Do you know if this vulnerability has been shared with others?

Do you have any other relevant information that will help us fix the vulnerability?

Would you like to be notified of the investigation outcome for this vulnerability?

Personal

Business

About us

Report a website vulnerability

What will Customs do?

Vulnerability reporting

About us

Information

Using this website