Skip to content

Commit

Permalink
chore: improve security.md [ci skip]
Browse files Browse the repository at this point in the history
  • Loading branch information
yyx990803 committed Oct 10, 2021
1 parent 858bace commit 7bb9dd0
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion SECURITY.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
# Reporting a Vulnerability

Please send vulnerability reports to: security@vuejs.org
To report a vulnerability, please email security@vuejs.org.

While the discovery of new vulnerabilities is rare, we also recommend always using the latest versions of Vue and its official companion libraries to ensure your application remains as secure as possible.

Please note that we do not consider XSS via template expressions a valid attack vector, because it can only happen if the user intentionally uses untrusted content as template compilation source. This is similar to knowingly pasting untrusted scripts into a browser console. We explicitly warn users against using untrusted content as template compilation source in our documentation.

0 comments on commit 7bb9dd0

Please sign in to comment.