search

stark0de / nginxpwner

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
Apache License 2.0
1.47k stars 145 forks source link

Add SECURITY.md #11

Open benharvie opened 2 years ago

benharvie commented 2 years ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@jhond0e) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

stark0de commented 2 years ago

Hey @benharvie sorry for the late response. Sure, I'll add the SECURITY.md file with the email address as you request.