If you discover a security vulnerability in this project, please report it responsibly.
Send a detailed report to: 📧 seifeddinejamai8@gmail.com.
Your report should include:
- Description of the vulnerability
- Steps to reproduce the issue
- Proof-of-concept exploit (if available)
- Impact assessment
- Suggested mitigation (optional)
Please avoid publicly disclosing the vulnerability until it has been reviewed and patched.
OpenBento is a Bento Grid dashboard application that provides customizable widgets and dashboards. The following areas are considered critical:
- User authentication and session management
- Dashboard configuration data
- Widget data and state
- API endpoints and data fetching
- Local storage security
After receiving a vulnerability report:
- The issue will be acknowledged within 48 hours.
- The vulnerability will be assessed and verified.
- A security patch will be developed.
- A fix will be released in a new version.
- The reporter may be credited if they wish.
Users deploying this system should follow these recommendations:
- Always run the latest version of the software
- Use HTTPS for all API endpoints
- Protect sensitive configuration files
- Regularly update dependencies
- Secure the server where the application is hosted
If you discover a vulnerability related to a dependency used in this project, please verify:
- The dependency version used by this project is vulnerable.
- The vulnerability affects this system's functionality.
If both conditions apply, please report it through the security contact above.
We kindly request responsible disclosure practices.
Please do not publicly disclose vulnerabilities until they are fixed.
Thank you for helping keep OpenBento secure 🔐