Create SECURITY.md

2021-09-06 07:57:47 +01:00 · 2021-09-06 07:57:47 +01:00 · c7da322160
parent 919042ed86
commit c7da322160
1 changed files with 15 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,15 @@
+# Security Policy
+
+## Versions
+
+As an open source product, we will only patch the latest major version for security vulnerabilities. Previous versions of budibase will not be retroactively patched.
+
+## Disclosing
+
+You can get in touch with us regarding a vulnerability via email at community@budibase.com.
+
+You can also disclose via huntr.dev. If you believe you have found a vulnerability, please disclose it on huntr and let us know.
+
+https://huntr.dev/bounties/disclose
+
+This will enable us to review the vulnerability and potentially reward you for your work.