Reporting Security Vulnerabilities
We take the security of furg.us seriously. If you believe you have found a security vulnerability,
please report it to us as described below.
Please DO NOT:
- Report security vulnerabilities through public GitHub issues
- Disclose security-related issues publicly
- Attempt to exploit vulnerabilities on production systems
How to Report
Please report security vulnerabilities to:
What to Include
When reporting a vulnerability, please include:
- A detailed description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Suggested fix (if available)
- Your contact information
Response Timeline
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution: As quickly as possible, typically within 30 days
Recognition
We appreciate security researchers who responsibly disclose vulnerabilities.
Contributors will be recognized in our Hall of Fame.
Scope
This security policy applies to all services and infrastructure under the furg.us domain.