photoprism/SECURITY.md
2022-01-15 17:26:29 +01:00

21 lines
900 B
Markdown

**Please contact us at [security@photoprism.app](mailto:security@photoprism.app) when you've discovered a potential security issue.**
You are welcome to also report vulnerabilities in third-party applications that we may not be able to fix directly.
At a minimum, your report should include the following:
* Version and architecture
* Vulnerability description
* Reproduction steps
We will then try to reproduce the problem, determine the impact and get back to you as soon as possible.
*Avoid activities that disrupt, degrade, or interrupt our services or compromise other users' data, such as spam, brute force attacks, denial of service attacks, and malicious file distribution.*
### Responsible Disclosure ###
1. Confirm that the vulnerability applies to a current version
2. First share the vulnerability details with us
3. Wait for resolution before sharing details
**Thank you!** 👍