status-im
/
status-security
mirror of https://github.com/status-im/status-security.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added archived repositories as out of scope 

We have old repositories unmaintained & now archived. They should not be in scope of the bug bounty program.
This commit is contained in:
OxFred 2021-12-02 20:19:17 +01:00 committed by GitHub
parent b3aa9bc674
commit ad2c591182
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
process/h1_policy.md
View File

@ -60,6 +60,7 @@ Please do not engage with infrastructure hosted on infra.status.im and all subdo
For all other vulnerabilities, please consider (1) attack scenario/exploitability, and (2) security impact of the bug. The following issues are considered out of scope:
* Current issues within the Status.im Github repositories (will be regarded as duplicates)
* Issues in depreciated or archived Github repositories
* Clickjacking on pages with no sensitive actions.
* Unauthenticated/logout/login CSRF.
* Attacks requiring MITM or physical access to a user's device.