strapi/SECURITY.md

# Security Policy

## Supported Versions

As of November 2019 (and until this document is updated), only the v3.0.0-beta tags of Strapi are supported for updates. Any previous versions are currently not supported and users are advised to use them "at their own risk".

## Reporting a Vulnerability

Please report (suspected) security vulnerabilities to
**[security@strapi.io](mailto:security@strapi.io)** or via the [Strapi Slack](https://slack.strapi.io).

When reporting a (suspected) security vulnerability via slack please reach out to any of the following Strapi employees directly:

- `@aureliengeorget`
- `@alexandre`
- `@lauriejim`
- `@soupette`

You will receive a response from us within 72 hours. If the issue is confirmed,
we will release a patch as soon as possible depending on complexity
but historically within a few days.
Add security and vulnerability reporting page 2019-11-04 15:06:49 -07:00			`# Security Policy`

			`## Supported Versions`

			`As of November 2019 (and until this document is updated), only the v3.0.0-beta tags of Strapi are supported for updates. Any previous versions are currently not supported and users are advised to use them "at their own risk".`

			`## Reporting a Vulnerability`

			`Please report (suspected) security vulnerabilities to`
			`[security@strapi.io](mailto:security@strapi.io) or via the [Strapi Slack](https://slack.strapi.io).`

Fix typo on security.md 2019-11-05 09:39:56 +01:00			`When reporting a (suspected) security vulnerability via slack please reach out to any of the following Strapi employees directly:`
Add security and vulnerability reporting page 2019-11-04 15:06:49 -07:00
			- `@aureliengeorget`
			- `@alexandre`
			- `@lauriejim`
			- `@soupette`

			`You will receive a response from us within 72 hours. If the issue is confirmed,`
			`we will release a patch as soon as possible depending on complexity`
			`but historically within a few days.`