diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..e414f48cb8 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,15 @@ +# Security Policy + +## Versions + +As an open source product, we will only patch the latest major version for security vulnerabilities. Previous versions of budibase will not be retroactively patched. + +## Disclosing + +You can get in touch with us regarding a vulnerability via email at community@budibase.com. + +You can also disclose via huntr.dev. If you believe you have found a vulnerability, please disclose it on huntr and let us know. + +https://huntr.dev/bounties/disclose + +This will enable us to review the vulnerability and potentially reward you for your work.