Update SECURITY.md

Stalin
2026-05-25 01:36:20 +05:30
committed by GitHub
parent b541678154
commit 591e041eb6
+16 -42
@@ -1,55 +1,29 @@
# **Security Policy**
## Security Policy
## Supported Versions
### Reporting Vulnerabilities
The following versions of this project are currently receiving security updates:
If you discover any security vulnerabilities, please report them responsibly.
Send detailed vulnerability reports to:
> **Note:** We strongly recommend upgrading to a supported version to receive the latest security patches.
Email: w4nn4d133@gmail.com
---
OpenPGP Fingerprint:
`DEBE5591C54E947279C14A6BF53D272DA9ADAF98`
## Reporting a Vulnerability
Public Key:
https://keys.openpgp.org/vks/v1/by-fingerprint/DEBE5591C54E947279C14A6BF53D272DA9ADAF98
If you discover a security vulnerability in this project, please follow the responsible disclosure process below.
Alternatively, you may submit your report through our official advisory channel (if available).
### How to Report
### Guidelines for Reporting
Send a detailed report to: **w4nn4d133@gmail.com**
Please include the following information in your report:
Please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Affected version(s)
- Potential impact of the vulnerability
- Proof-of-Concept (PoC), if possible
- The potential security impact
- Affected versions/components
---
## What to Expect
| Stage | Timeline |
| ----------------------------- | ------------------- |
| Acknowledgement of report | Within 48 hours |
| Severity assessment (CVSS v3) | Within 5 business days |
| Status update | Every 7 days |
| Patch release (if accepted) | Depends on severity |
### If Your Vulnerability Is Accepted
- You will be notified of the remediation plan and estimated fix timeline.
- Credit will be given in the release notes (unless you prefer to remain anonymous).
- A CVE identifier may be requested if applicable.
### If Your Vulnerability Is Declined
- You will receive a detailed explanation of why the report was not accepted.
- You are welcome to provide additional information if you believe the decision should be reconsidered.
---
## Responsible Disclosure
Please do **not** publicly disclose the vulnerability until a fix has been released or we have mutually agreed on a disclosure timeline. We are committed to working with security researchers in good faith.
Thank you for helping keep this project secure.
We appreciate responsible disclosure and will work to validate and address legitimate security issues promptly.
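Review bot: The sentence "Alternatively, you may submit your report through our official advisory channel (if available)" names no channel, so a reporter cannot act on it; link the channel explicitly or drop the sentence. The hunk header takes the file from 55 to 29 lines, so if the "What to Expect" table and the "Responsible Disclosure" paragraph are among the 42 removed lines, consider keeping at least the acknowledgement timeline and the request not to disclose before a fix is released, because the shorter wording ("will work to validate and address legitimate security issues promptly") commits to no timeframe. The OpenPGP fingerprint and key URL are listed without saying what they are for; add one line stating that reports may be encrypted to that key.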