The security of our project and its users is of utmost importance to us. We are committed to maintaining a secure environment and addressing any security vulnerabilities promptly. This document outlines guidelines for reporting security issues and our approach to handling them. Please read this information carefully and follow the instructions provided.
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our vulnerability reporting page or directly via email to [email protected].
Please do NOT create a public github issue and any example code, if available.
We appreciate your vigilance in identifying security vulnerabilities. However, it's important to understand the scope of issues we are most concerned about:
- Authentication or authorization bypass
- Privilege escalation
- SQL injection
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Server or application misconfigurations that could lead to security breaches
We are dedicated to addressing security vulnerabilities in a timely manner and providing regular updates on our progress. We appreciate your collaboration in making our project more secure. Together, we can maintain a safer environment for all users.
Thank you for your support in keeping our project secure. We truly value your efforts and commitment to the safety of our community.