search

slawkens / myaac

A free and open-source Automatic Account Creator (AAC) written in PHP
https://my-aac.org
GNU General Public License v3.0
125 stars 99 forks source link

Add a security policy #234

Closed psmoros closed 9 months ago

psmoros commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@ouuan) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

slawkens commented 1 year ago

Hello,

I will create that file, but currently don't have time.

You can send details to: security@my-aac.org

ouuan commented 1 year ago

Hi @slawkens, I see that you have fixed the vulnerabilities. Please review & publish the report on huntr.dev. Thank you!

slawkens commented 9 months ago

Hi,

So I have added SECURITY.md file into the repo.

I also published the report on your site.

So its time to close this one.

Sorry for late reply!