| Version | Supported |
|---|---|
| 3.3.x | β Yes |
| < 3.0 | β No |
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
DO:
- π§ Email: andikastore.ads@gmail.com
- π Provide detailed information about the vulnerability
- π Include steps to reproduce if possible
- β° Allow reasonable time for us to address the issue before public disclosure
DON'T:
- β Do NOT open a public GitHub issue for security vulnerabilities
- β Do NOT exploit the vulnerability
- β Do NOT share the vulnerability details publicly before it's fixed
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution Target: Within 30 days
- Public Disclosure: After fix is released and users have had time to update
When using Auto-FreeCF:
- Never share your credentials - Keep your Cloudflare and Google account credentials secure
- Use strong passwords - Always use unique, strong passwords for your accounts
- Enable 2FA - Enable two-factor authentication on your Cloudflare and Google accounts
- Review permissions - Only grant the minimum necessary permissions
- Keep updated - Always use the latest version of Auto-FreeCF
- Monitor accounts - Regularly check your accounts for unauthorized activity
Security vulnerabilities in:
- Authentication bypass
- Credential handling
- Data exposure
- Token generation
- Browser automation exploits
- Dependency vulnerabilities
- Cloudflare service issues
- Google account issues
- Third-party service outages
- User error or misconfiguration
Thank you for helping keep Auto-FreeCF secure! π‘οΈ