blob: da25fbf1d3d70fa2f039263e1489530284e3f90e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
# Security Policy
## Supported Versions
Currently all versions are supported.
| Version | Supported |
| ------- | ------------------ |
| 1.0.0 | ✔️ |
## Reporting a Vulnerability
Use this section to tell people how to report a vulnerability.
Tell them where to go, how often they can expect to get an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc.
A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its tweaker.
A non-comprehensive list of out of scope vulnerabilities:
- Stealing information from launcher files
- Using the OS level args methods
However, if you can produce a patch for an out of scope vulnerability, a bug bounty will be awarded as well.
The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first serve basis.
|
