20/10/2020 3:59:28
|
---|
|
Reporting issuesHi ! I want to report an issue however on the SECURITY.md on Github mentions to report it on Hackerone but it seems to be private. Should I post the bug on Github instead?
Thanks! |
20/10/2020 13:15:50
|
---|
|
Re: Reporting issuesHi, you are correct, and I figured we would have broken the threshold to become a public project by now. It's something we don't have much power over, we need to have bug reports by invited hackers on Hackerone, and until now only a few reports have been coming in (and have been handled of course ) When it comes to security issues, please notify us on the security issues form. That way we can make sure the issue gets fixed before it is published online. I'll update the SECURITY.md on github as well, thanks for letting me know! |
_________________
|
14/11/2020 16:38:42
|
---|
|
Re: Reporting issuesFinal question : Are you using h1 platform? Can I get invite (I plan to test this now after successful installation) |
14/11/2020 18:56:09
|
---|
|
Re: Reporting issuesHi, yes, we are using the h1 platform, and as of a few minutes ago, we are a public project at https://hackerone.com/impresscms Feel free to post any security related issues there so we can monitor them more easily. Edited by fiammybe on 14/11/2020 19:27:19
|
_________________
|
7/12/2020 7:28:30
|
---|
|
Re: Reporting issuesJust to make it abundantly clear : from now on, all security-related reports should be logged on Hackerone. The other form will be deactivated. |
_________________
|