mirror of
https://github.com/th30d4y/BURP-AI.git
synced 2026-05-26 11:35:52 +00:00
krraze
56 lines
1.7 KiB
Markdown
56 lines
1.7 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
The following versions of this project are currently receiving security updates:
|
|
|
|
|
|
> **Note:** We strongly recommend upgrading to a supported version to receive the latest security patches.
|
|
|
|
---
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability in this project, please follow the responsible disclosure process below.
|
|
|
|
### How to Report
|
|
|
|
Send a detailed report to: **w4nn4d133@gmail.com**
|
|
|
|
Please include the following information in your report:
|
|
|
|
- A clear description of the vulnerability
|
|
- Steps to reproduce the issue
|
|
- Affected version(s)
|
|
- Potential impact of the vulnerability
|
|
|
|
---
|
|
|
|
## What to Expect
|
|
|
|
| Stage | Timeline |
|
|
| ----------------------------- | ------------------- |
|
|
| Acknowledgement of report | Within 48 hours |
|
|
| Severity assessment (CVSS v3) | Within 5 business days |
|
|
| Status update | Every 7 days |
|
|
| Patch release (if accepted) | Depends on severity |
|
|
|
|
### If Your Vulnerability Is Accepted
|
|
|
|
- You will be notified of the remediation plan and estimated fix timeline.
|
|
- Credit will be given in the release notes (unless you prefer to remain anonymous).
|
|
- A CVE identifier may be requested if applicable.
|
|
|
|
### If Your Vulnerability Is Declined
|
|
|
|
- You will receive a detailed explanation of why the report was not accepted.
|
|
- You are welcome to provide additional information if you believe the decision should be reconsidered.
|
|
|
|
---
|
|
|
|
## Responsible Disclosure
|
|
|
|
Please do **not** publicly disclose the vulnerability until a fix has been released or we have mutually agreed on a disclosure timeline. We are committed to working with security researchers in good faith.
|
|
|
|
Thank you for helping keep this project secure. 🔒
|