mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-03-12 04:36:25 -07:00
9 lines
761 B
Markdown
9 lines
761 B
Markdown
# Reporting Security Vulnerabilities
|
|
|
|
**If you believe you have discovered a security issue with VestaCP, please open a new private security vulnerability report through https://github.com/outroll/vesta/security/advisories/new.
|
|
|
|
You can also report security vulnerabilities to [security@vestacp.com](mailto:security@vestacp.com), and we will create a new security advisory for tracking the fix on your behalf.
|
|
|
|
We value the effort and contribution of independent security researchers and will credit security researchers in the release notes of the fix, on the following conditions:
|
|
- Vulnerabilities are not published publicly prior to the VestaCP releasing a fix; and
|
|
- Researchers provide at least 90 days to address the issue before disclosing it publicly. |