From 9c956a633b08129726b7254b5b127076befdc770 Mon Sep 17 00:00:00 2001 From: saxix Date: Fri, 21 Jun 2024 10:46:12 +0200 Subject: [PATCH] add SECURIY.md --- SECURITY.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..e6279e61 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,20 @@ +Security +Reporting Security Issues +If you've found a security issue in HDE, you can submit your report to hope-security[@]unicef.org via email. + +Please include as much information as possible in your report to better help us understand and resolve the issue: + +Where the security issue exists (ie. HDE Core, API subsystem, etc.) +The type of issue (ex. SQL injection, cross-site scripting, missing authorization, etc.) +Full paths or links to the source files where the security issue exists, if possible +Any special configuration required to reproduce the issue +Step-by-step instructions to reproduce the issue +Proof of concept or exploit code, if available + +If you need to encrypt sensitive information sent to us, please use our [PGP key](https://keys.openpgp.org/vks/v1/by-fingerprint/F72BF087F3A94FE4A305CE449061F6AC06E40F32): + + +F72B F087 F3A9 4FE4 A305 CE44 9061 F6AC 06E4 0F32 + + +hkps://keys.openpgp.org