Skip to content

Security: AnayDhawan/tourneyradar

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
{{CURRENT_MAJOR}}.x ✅ Active
< {{CURRENT_MAJOR}}.0 ❌ No longer supported

Reporting a Vulnerability

Do not open a public GitHub issue for security vulnerabilities.

Email: {{SECURITY_EMAIL}}

Include in your report:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Any suggested fix (optional)

Response Timeline

Stage Target
Acknowledgement Within 48 hours
Status update Within 7 days
Patch or mitigation Within 30 days for critical; 90 days for moderate

Scope

In scope:

  • Authentication or authorization bypass
  • Injection vulnerabilities (SQL, command, XSS)
  • Sensitive data exposure
  • Remote code execution
  • Dependency with known CVE affecting this project

Out of scope:

  • Vulnerabilities in third-party services (report to them directly)
  • Social engineering
  • Theoretical vulnerabilities without proof of concept

Security Hall of Fame

Researcher Issue Date

There aren't any published security advisories