0x5t4l1n/BURP-AI
1
0
Fork 0
mirror of https://github.com/th30d4y/BURP-AI.git synced 2026-05-26 11:35:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update SECURITY.md

Browse Source
This commit is contained in:
Stalin
2026-05-25 01:36:20 +05:30
committed by GitHub
parent b541678154
commit 591e041eb6
1 changed files with 16 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SECURITY.md
+16 -42
View File
@@ -1,55 +1,29 @@
# **Security Policy** ## Security Policy
## Supported Versions ### Reporting Vulnerabilities
The following versions of this project are currently receiving security updates: If you discover any security vulnerabilities, please report them responsibly.
Send detailed vulnerability reports to:
> **Note:** We strongly recommend upgrading to a supported version to receive the latest security patches. Email: w4nn4d133@gmail.com
--- OpenPGP Fingerprint:
`DEBE5591C54E947279C14A6BF53D272DA9ADAF98`
## Reporting a Vulnerability Public Key:
https://keys.openpgp.org/vks/v1/by-fingerprint/DEBE5591C54E947279C14A6BF53D272DA9ADAF98
If you discover a security vulnerability in this project, please follow the responsible disclosure process below. Alternatively, you may submit your report through our official advisory channel (if available).
### How to Report ### Guidelines for Reporting
Send a detailed report to: **w4nn4d133@gmail.com** Please include:
Please include the following information in your report:
- A clear description of the vulnerability - A clear description of the vulnerability
- Steps to reproduce the issue - Steps to reproduce the issue
- Affected version(s) - Proof-of-Concept (PoC), if possible
- Potential impact of the vulnerability - The potential security impact
- Affected versions/components
--- We appreciate responsible disclosure and will work to validate and address legitimate security issues promptly.
## What to Expect
| Stage | Timeline |
| ----------------------------- | ------------------- |
| Acknowledgement of report | Within 48 hours |
| Severity assessment (CVSS v3) | Within 5 business days |
| Status update | Every 7 days |
| Patch release (if accepted) | Depends on severity |
### If Your Vulnerability Is Accepted
- You will be notified of the remediation plan and estimated fix timeline.
- Credit will be given in the release notes (unless you prefer to remain anonymous).
- A CVE identifier may be requested if applicable.
### If Your Vulnerability Is Declined
- You will receive a detailed explanation of why the report was not accepted.
- You are welcome to provide additional information if you believe the decision should be reconsidered.
---
## Responsible Disclosure
Please do **not** publicly disclose the vulnerability until a fix has been released or we have mutually agreed on a disclosure timeline. We are committed to working with security researchers in good faith.
Thank you for helping keep this project secure.