Skip to content

Commit

Permalink
Create SECURITY.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@josxha
josxha committed Sep 14, 2024
1 parent ea100a4 commit ba9df84
Showing 1 changed file with 30 additions and 0 deletions.
30 changes: 30 additions & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# Security Policy

## Acceptable Use

We generally invite security researchers to search for vulnerabilities
in our services. We kindly ask to not put any actual user data or
production systems at risk.

## Reporting Vulnerabilities

Report vulnerabilities via e-mail to <[email protected]>. We do not
offer a GPG key for encryption.

Please make sure that you include the following information:

- Which version is affected
- How can the bug be used/exploited
- Explanation of the risk

If you have not received an answer within a couple of days, feel free
to contact us again.

For used open source software, we recommend to file bug reports and/or
pull requests against the upstream repositories. This includes hardening
instructions in the installation documentation.

## About this Policy

This policy is based on the MIT licensed security policy of
[digitalfabrik/security-policy](https://github.com/digitalfabrik/security-policy).

0 comments on commit ba9df84

Please sign in to comment.