diff options
| -rw-r--r-- | SECURITY.md | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..da25fbf --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,26 @@ +# Security Policy + +## Supported Versions + +Currently all versions are supported. + +| Version | Supported | +| ------- | ------------------ | +| 1.0.0 | ✔️ | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc. + +A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its tweaker. +A non-comprehensive list of out of scope vulnerabilities: +- Stealing information from launcher files +- Using the OS level args methods + +However, if you can produce a patch for an out of scope vulnerability, a bug bounty will be awarded as well. + +The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first serve basis. |