# Acknowledgements

## Software used

 * [Go](https://golang.org/)
 * [ScyllaDB](https://www.scylladb.com/)
 * [Nginx](https://www.nginx.com/)
 * [Ubuntu Server edition](https://ubuntu.com/)
 * [Debian](https://www.debian.org/)

## Programming libraries

 * [scylladb/gocql](https://github.com/scylladb/gocql)
 * [scylladb/gocqlx](https://github.com/scylladb/gocqlx)
 * [BurntSushi/toml](https://github.com/BurntSushi/toml)
 * [julienschmidt/httprouter](https://github.com/julienschmidt/httprouter)
 * [gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype)
 * [disintegration/imaging](https://github.com/disintegration/imaging)
 * [gorilla/websocket](https://github.com/gorilla/websocket)
 * [shopspring/decimal](https://github.com/shopspring/decimal)
 * [jhillyerd/enmime](https://github.com/jhillyerd/enmime)
 * [russross/blackfriday](https://github.com/russross/blackfriday)
 * [microcosm-cc/bluemonday](https://github.com/microcosm-cc/bluemonday)

### Web framework

 * [Svelte](https://svelte.dev/)

## Security work

 * 2020-12-06 Security researcher Arian Firoozfar reported a cross-site
   scripting vulnerability on the file viewer page. The issue was fixed the
   following day. On the 26th another XSS vulnerability was found on the account
   settings page, it was fixed later that day.

 * 2017-12-04 Security researcher Hangyi reported a cross-site scripting
   vulnerability on the file viewer page. The issue was fixed on the 6th.

If you have discovered a security issue in pixeldrain please disclose it
responsibly at [support@pixeldrain.com](mailto:support@pixeldrain.com). We do
not have a bug bounty program.