author pandaninjas <101084582+pandaninjas@users.noreply.github.com> 2022-12-25 05:41:03 +0000
committer GitHub <noreply@github.com> 2022-12-25 05:41:03 +0000
commit 9bfb4050a7061cf7ef0467c0c583c6efd0243899 (patch)
tree f289f57ce5f70f1374bbe0f086b92c8df65555a5
parent 3fb80c8181d8f4ed4f798a9c451050c0fbb0929c (diff)
Create SECURITY.md
-rw-r--r-- SECURITY.md 26
1 files changed, 26 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..da25fbf
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+Currently all versions are supported.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 1.0.0 | ✔️ |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
+
+A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its tweaker.
+A non-comprehensive list of out of scope vulnerabilities:
+- Stealing information from launcher files
+- Using the OS level args methods
+
+However, if you can produce a patch for an out of scope vulnerability, a bug bounty will be awarded as well.
+
+The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first serve basis.
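Review bot: The "Reporting a Vulnerability" section still carries the template placeholder text ("Use this section to tell people how to report a vulnerability." through "declined, etc.") and never names a reporting channel, so someone who finds a way to get the session ID has no stated way to report it privately. Replace those lines with a concrete contact or private reporting method and the response timeline a reporter can expect. Two smaller points in the same hunk: "Currently all versions are supported." sits above a table that lists only 1.0.0, so state whether later releases are covered or update the table as they ship; and the out-of-scope item "Using the OS level args methods" is too vague for a reporter to tell what is excluded, so name the technique that is meant. The bounty paragraph says "first come, first serve" but not what orders the reports; stating that the report timestamp decides would avoid disputes.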