We take security vulnerabilities seriously and appreciate your efforts to responsibly disclose any issues you may find. If you discover a security vulnerability, please report it privately to ensure responsible disclosure and timely resolution.
Please send an email to skmasih11@gmail.com with the subject line "[Security Issue] - [Brief Description]" and include the following details:
- π Description: A clear and concise summary of the vulnerability.
- βοΈ Steps to Reproduce: Detailed steps or proof of concept (PoC) to replicate the issue.
- π― Impact Assessment: Potential risks, affected components, and possible exploit scenarios.
- πΈ Supporting Evidence: Screenshots, logs, or other relevant materials.
Alternatively, you can open a security issue on our GitHub repository with the "Security" label. Ensure that no sensitive details are disclosed publiclyβonly provide a general description, and we will follow up privately.
To ensure a secure and responsible disclosure process, we commit to the following:
- π¬ Response Time: We will acknowledge your report within 48 hours and begin the investigation.
- π Resolution Plan: We will provide an estimated timeline for patching the vulnerability.
- π Confidentiality: Your report and identity will remain strictly confidential unless you choose otherwise.
- π Recognition: If applicable, we will acknowledge your contribution in our release notes or security disclosures, unless you prefer to remain anonymous.
Your help in securing our project is greatly appreciated, and we value responsible security research and disclosure.
Thank you for your dedication to keeping our project and users safe! π