At Ldesign Media, we take the security of our software very seriously. This policy outlines the steps we take to ensure the security of our software and how you can help us keep it secure.

To ensure the best security for our users, we only provide support for the latest version of our software.

If you discover a security vulnerability in our software, we kindly ask that you report it to us as soon as possible by sending an email to [email protected]. Please do not use the issue tracker for reporting security vulnerabilities. We will make every effort to investigate and resolve the vulnerability in a timely manner.

When reporting a vulnerability, please include the following information (as much as you can provide) to help us better understand the nature and scope of the issue:

• Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit the issue

This information will help us triage your report more quickly.

We do not currently have a bug bounty program, but we are grateful for any responsible disclosures of security vulnerabilities. Your efforts help make our software safer for everyone.

When a security vulnerability has been discovered and addressed, we will provide updates to the community as soon as possible to keep everyone informed.

We would like to extend our gratitude to the security researchers who have helped us improve the security of our software by responsibly reporting security vulnerabilities to us. Your contributions are invaluable to maintaining a safe and secure environment for our users.