Skip to content

Latest commit

 

History

History
17 lines (10 loc) · 1.18 KB

SECURITY.md

File metadata and controls

17 lines (10 loc) · 1.18 KB

Reporting a Vulnerability

The Percussion CMS team takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, email [email protected] and include the word "SECURITY:" in the subject line.

NOTE: We will acknowledge you as the reporter by default unless you specify otherwise on your report.

The Percussion team will send a response indicating the next steps in handling your report. After the initial reply to your report, the team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

If you have discovered a vulnerability in a third party component or library, please report that vulnerability directly to that projects maintainer(s).

Bounty Program

This project does not currently offer a bounty program at this time.

Percussion's PGP Key

If you need to validate signatures on files coming from Percussion, or you want to encrypt a file you're sending to us, you can grab our PGP public key from https://www.percussion.com/Assets/www.percussion.com/security/public_key.asc