This repository has been archived by the owner on Oct 4, 2024. It is now read-only.

Security: T1z3n/Visitor-Management-System

SECURITY.md

[German] | [French] | [Spanish] | [日本語]

Security Policy

REPORTING

So, you have found a security vulnerability. Please be sure to disclose it to us responsibly by reporting it on the following page: https://github.com/T1z3n/Visitor-Management-System/issues

NON-QUALIFYING VULNERABILITIES

We will not accept reports of vulnerabilities of the following types:

  • Reports from automated tools or scanners.
  • Theoretical attacks without proof of exploitability.
  • Attacks that are the result of a third-party application or library (these should instead be reported to the library maintainers).
  • Social engineering.
  • Attacks involving physical access to a user’s device, or involving a device or network that’s already seriously compromised (for example, man-in-the-middle).
  • Attacks that require the user to install other malicious software, such as a third-party integration, add-on, or plugin.
  • Attacks that the user can only perform against their own setup.
  • Privilege escalation attacks for logged-in users.

SUPPORTED VERSIONS

Only the latest version on GitHub is supported. At the moment, there is no LTS version available.

SEVERITY SCORING

If you are familiar with CVSS 3.1, please provide the vulnerability score in your report as a vector string. There’s a calculator that can be helpful. If you are unsure how to score a vulnerability, or are unable to, state that in your report, and we will look into it.

If you intend to provide a score, please familiarize yourself with CVSS first (we strongly recommend reading the Specification and Scoring Guide).

Sources:

CVSS-Calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

BUG BOUNTY

At the moment, there is no active bug bounty program available. When one is available, I will announce it on social media or here on the Wiki feed.

There aren’t any published security advisories