Skip to content
This repository has been archived by the owner on Oct 4, 2024. It is now read-only.

Latest commit

 

History

History
40 lines (28 loc) · 2.21 KB

SECURITY.md

File metadata and controls

40 lines (28 loc) · 2.21 KB

[German] | [French] | [Spanish] | [日本語]

Security Policy

REPORTING

So, you have found a security vulnerability. Please, be sure to responsibly disclose it to us by reporting a vulnerability under following Page: https://github.com/T1z3n/Visitor-Management-System/issues

NON-QUALIFYING VULNERABILITIES

We will not accept reports of vulnerabilities of the following types:

  • Reports from automated tools or scanners.
  • Theoretical attacks without proof of exploitability.
  • Attacks that are the result of a third-party application or library (these should instead be reported to the library maintainers).
  • Social engineering.
  • Attacks involving physical access to a user’s device, or involving a device or network that’s already seriously compromised (like, man-in-the-middle).
  • Attacks that require the user to install a malicious other software, like a third-party integration, add-on, or plugin.
  • Attacks that the user can only perform against their own setup.
  • Privilege escalation attacks for logged in users

SUPPORTED VERSIONS

Supported are only the latest Version on Github. At the moment there's no LTS avalible.

SEVERITY SCORING

If you are familiar with CVSS3.1, please provide the vulnerability score in your report in the shape of a vector string. There’s a calculator that can be helpful. If you are unsure how or unable to score a vulnerability, state that in your report, and we will look into it.

If you intend to provide a score, please familiarize yourself with CVSS first (we strongly recommend reading the Specification and Scoring Guide).

Sources:

CVSS-Calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

BUG-Bounty

At the Moment, there's no active Bug Bounty Programm avalible. When it's avalible, I will Announce it in social Media or here on the Wiki-Feed.