Skip to content

Latest commit

 

History

History
13 lines (9 loc) · 843 Bytes

SECURITY.md

File metadata and controls

13 lines (9 loc) · 843 Bytes

Security Policy

Supported Versions

Boxtribute is provided open source on an "as-is" basis with no warranties, implied or otherwise (see license). As such security patches on reported vulnerabilities will be provided for the latest release only on a best-effort basis.

Reporting a Vulnerability

To report a vulnerability, please send an email to [email protected] with "SECURITY VULNERABILITY IDENTIFIED" in the subject. In the email, please describe:

  1. The observed vulnerability and the expected severity in two or three sentences;
  2. The steps to reproduce it (if available); and
  3. Ideally, a suggested fix if you have one, including a reference to the relevant lines of code and associated files.

The team will get back to you on the status of your report and whether your proposal has been accepted as soon as we can.