Skip to content

Security: pliniomartos/cinema-hnc

Security

SECURITY.md

Security Policy

Supported Versions

This project is maintained for current coursework use. Security fixes are applied to the latest version on the main branch.

Reporting a Vulnerability

Please do not report security vulnerabilities in public GitHub issues.

Instead, report privately by contacting the repository owner and include:

  • A clear description of the issue
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if known)

Response Expectations

  • Initial acknowledgement: within 7 days
  • Triage and severity assessment: as soon as possible
  • Fix timeline: depends on issue complexity and coursework schedule

Scope

Typical in-scope issues include:

  • Authentication/authorization bypass
  • SQL injection / command injection
  • Sensitive data exposure
  • Insecure file upload handling
  • CSRF/XSS vulnerabilities

Out of scope:

  • Denial-of-service style load testing
  • Social engineering / phishing
  • Vulnerabilities requiring physical/local machine access

Disclosure

Please allow time for remediation before any public disclosure. Responsible disclosure is appreciated.

There aren't any published security advisories