Puranjay Savar Mattas
8176118c0f
- README.md: Product overview + issue tracker landing - SECURITY.md: Responsible disclosure policy - CODE_OF_CONDUCT.md: Community guidelines - CONTRIBUTING.md: How to contribute - SUPPORT.md: Comprehensive support guide - Issue templates: Bug, feature, support, docs, security All references updated to evercatch.dev domain.
45 lines
1.1 KiB
Markdown
45 lines
1.1 KiB
Markdown
---
|
|
name: 🔐 Security Vulnerability
|
|
about: Report a security issue (PRIVATE - use email instead)
|
|
title: 'DO NOT USE - Email security@evercatch.dev'
|
|
labels: security
|
|
assignees: ''
|
|
---
|
|
|
|
# ⚠️ STOP - DO NOT USE THIS TEMPLATE
|
|
|
|
**Security vulnerabilities should NOT be reported publicly.**
|
|
|
|
Please email us instead: **security@evercatch.dev**
|
|
|
|
## Why?
|
|
|
|
Public disclosure of security issues can:
|
|
- Put user data at risk
|
|
- Allow attackers to exploit the vulnerability
|
|
- Violate responsible disclosure practices
|
|
|
|
## What to Include in Your Email
|
|
|
|
- **Description** - What is the vulnerability?
|
|
- **Steps to Reproduce** - How can we reproduce it?
|
|
- **Impact** - What could an attacker do?
|
|
- **Proof of Concept** - Code or screenshots (optional)
|
|
- **Suggested Fix** - If you have one
|
|
- **Your Contact Info** - For follow-up
|
|
|
|
## Our Commitment
|
|
|
|
- ✅ Response within 24 hours
|
|
- ✅ Updates every 48 hours
|
|
- ✅ Credit in security advisories (if desired)
|
|
- ✅ Potential bug bounty (for critical issues)
|
|
|
|
## Security Policy
|
|
|
|
Read our full security policy: [SECURITY.md](../../SECURITY.md)
|
|
|
|
---
|
|
|
|
**Thank you for keeping Evercatch secure!** 🔒
|