Skip to content

Security: TheFlightSims/labs-portal

SECURITY.md

Security

TheFlightSims takes the security responsibilities of our software products and services seriously, including all open-source software and closed-source software

Reporting Security Issues

Note: You shouldn't report the security vulnerabilities on the Issue or the public place. Any attackers can use these vulnerabilities to exploit non-public data - which causes security vulnerability.

You can report security issues on these platforms:

  • Discord (Direct Message is recommended)
  • The repository security page (preferred)
  • Email

Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:

  • Type of issue (e.g., buffer overflow, SQL injection, cross-site scripting)

  • Full paths of the source file(s) related to the manifestation of the issue

  • The location of the affected source code (tag/branch/commit or direct URL)

  • Any special configuration required to reproduce the issue

  • Step-by-step instructions to reproduce the issue

  • Proof-of-concept or exploit code (if possible)

  • Impact of the case, including how an attacker might control the issue

This information will help us triage your report more quickly.

Preferred Languages

You can use all human-valid languages. However, you may consider using English (US) to prevent misunderstanding.

There aren’t any published security advisories