SECURITY.md
# Security Policy
This document outlines security procedures and general policies for the
*Admidio* project.
* [Reporting a Vulnerability](#reporting-a-vulnerability)
* [Supported Versions](#supported-versions)
* [Comments on this Policy](#comments-on-this-policy)
## Reporting a Vulnerability
The *Admidio* team and community take all security bugs in
*Admidio* seriously. Thank you for improving the security of
*Admidio*. We appreciate your efforts and responsible
disclosure and will make every effort to acknowledge your contributions.
Report security bugs by emailing the maintainer at m.fassbender@admidio.org
The maintainer will response to your email within the next 2 days. After
the initial reply to your report, we will
endeavor to keep you informed of the progress towards a fix and full
announcement, and may ask for additional information or guidance.
Report security bugs in third-party plugins to the person or team maintaining
the plugin.
## Supported Versions
Here you find a short overview about our versions that we will support with security updates.
| Version | Supported |
| ------- | ------------------ |
| 4.1.x | :white_check_mark: |
| 4.0.x | :white_check_mark: |
| < 4.0 | :x: |
## Comments on this Policy
If you have suggestions on how this process could be improved please submit a
pull request.