Create SECURITY.md
This commit is contained in:
Theresa Gresch
GitHub
parent
11b4fbd5a0
commit
4af8d49310
1 changed files with 20 additions and 0 deletions
20
SECURITY.md
Normal file
20
SECURITY.md
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
# Security Policy
|
||||||
|
|
||||||
|
When you think you've discovered a security issue, please contact us at hello@photoprism.app.
|
||||||
|
|
||||||
|
Your report should at least include the following:
|
||||||
|
|
||||||
|
- Version and architecture
|
||||||
|
- Vulnerability description
|
||||||
|
- Reproduction steps
|
||||||
|
|
||||||
|
We will then try to reproduce it, determine the impact, and get back to you as soon as possible.
|
||||||
|
|
||||||
|
Please also report vulnerabilities in third-party applications.
|
||||||
|
|
||||||
|
### Responsible Disclosure ###
|
||||||
|
|
||||||
|
- Only test for vulnerabilities on your own PhotoPrism instance
|
||||||
|
- Confirm the vulnerability applies to a supported version
|
||||||
|
- Share vulnerability details with us first
|
||||||
|
- Wait for a fix before publicly sharing details
|
||||||
Loading…
Reference in a new issue