Create SECURITY.md

SECURITY.md

@@ -0,0 +1,27 @@
+# Security Policy
+
+This is the security/disclosure policy for Reddit Enhancement Suite, it covers all repositories that are related to the core project. We appreciate all disclosures related to the project.
+
+As we are a community developed project, we are unable to offer rewards for disclosures.
+
+## Supported Versions
+
+We support the latest version of RES on all supported browsers. Please see below for a complete list.
+
+| Browser | Supported          |
+| ------- | ------------------ |
+| Google Chrome   | :white_check_mark: |
+| Mozilla Firefox   | :white_check_mark:                |
+| Mozilla Firefox ESR 78   | :white_check_mark:                |
+| Mozilla Firefox ESR 68   | :grey_question:*                |
+| Microsoft Edge   | :x:                |
+| Microsoft Edge Chromium  | :white_check_mark:                |
+| Safari  | :x:                |
+
+Mozilla Firefox ESR 68: We will backport depending on the impact of the vulnerability.
+
+## Reporting a Vulnerability
+
+In order to report a vulnerability, please send an initial email to: ben@redditenhancementsuite.com and we will respond confirming the report. A public PGP key will be provided for future communications. Please provide as much detail as possible for initial triage, if you would rather report under the PGP key please let us know on the email above.
+
+We will aim to respond in 24 hours, if you do not get a response in this timeframe place raise a GitHub issue stating you are having problems contacting us.