OrangeHRM Security Policy

OrangeHRM Security Policy

Our security policy is to immediately respond to any reports of security vulnerabilities. Our security team will research, analyze, announce and deliver an update patch or release.

All security reports are treated as the highest priority to attain resolution and eliminate any risk that our users could potentially experience. If a patch contains security fixes, the security fix information is communicated in the release notes of the patch.

Reporting Security Vulnerabilities

We value the work done by security researchers in improving the security of our service offerings and we are committed to working with the community to verify, reproduce, and respond to legitimate reported vulnerabilities. To report a security issue please contact or fill and submit the form below.

Submit a Security Vulnerability

So far users of OrangeHRM
has tracked over

1 + Billion

Leave Requests

3.5+ Million


1 + Million


500,000 +