aboutsummaryrefslogtreecommitdiff
path: root/SECURITY.md
diff options
context:
space:
mode:
Diffstat (limited to 'SECURITY.md')
-rw-r--r--SECURITY.md15
1 files changed, 7 insertions, 8 deletions
diff --git a/SECURITY.md b/SECURITY.md
index ddb0c83..7d9b630 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,22 +2,21 @@
## Supported Versions
-Currently all versions are supported.
-
-| Version | Supported |
-| ------- | ------------------ |
-| 1.0.0 | ✔️ |
-| Any nightly branch | ❌ |
+Currently, all releaswed versions are supported.
+| Version | Supported |
+|--------------------|-----------|
+| 1.0.0 | ✔️ |
+| Any nightly branch | ❌ |
## Reporting a Vulnerability
A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its tweaker.<br>
Vulnerabilities that are out of scope are defined as those that NoSession itself cannot prevent.
-However, if you can produce a patch for an out of scope vulnerability, a bug bounty will be awarded as well.
+However, if you can produce a patch for an out-of-scope vulnerability, a bug bounty will be awarded as well.
The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first serve basis.
-Report the bug bounty by emailing admin@malwarefight.gq or by sending a DM to PandaNinjas#3017 on Discord.<br>
+Report the bug bounty by sending a DM to PandaNinjas#3017 on Discord.<br>
If you would like, you can encrypt the message with my [public GPG key](https://raw.githubusercontent.com/pandaninjas/pandaninjas/main/pandaninjas-publickey.key)<br>
Your bug bounty may be invalidated if you disclose it to the public before.