Currently, only the latest version of the main branch is supported for security updates.
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
If you discover a security vulnerability within this project, please report it privately.
DO NOT create a public issue for security vulnerabilities.
Please send an email to support@medalsocial.com or use GitHub's private vulnerability reporting feature if enabled for this repository.
A good security report should include:
- Type of issue: (e.g., SQL injection, XSS, etc.)
- Location: The file and line number where the issue exists.
- Proof of Concept: Steps to reproduce the issue or a script that demonstrates it.
- Impact: How this issue could be exploited and what the consequences could be.
- Acknowledgment: We will acknowledge your report within 48 hours.
- Verification: We will work to verify the vulnerability and assess its severity.
- Fix: We will develop a fix and test it.
- Disclosure: We will coordinate with you on the timing of a public disclosure, typically after a fix has been released.
Thank you for helping keep this project secure!