May 20, 2024
Proomptify values the security and privacy of its users. If you have discovered a potential vulnerability, we appreciate your responsible disclosure.
Proomptify Vulnerability Reporting Policy
We appreciate your help in keeping Proomptify secure. This policy outlines the process for reporting vulnerabilities in our platform.
What to Report:
Security vulnerabilities that could allow unauthorized access to user data or compromise the functionality of Proomptify.
Examples include:
SQL injection vulnerabilities
Cross-site scripting (XSS) vulnerabilities
Insecure direct object references (IDOR)
Broken authentication
Denial-of-service (DoS) vulnerabilities
Security vulnerabilities in third-party libraries used by Proomptify.
What Not to Report:
Issues not related to security, such as bugs that affect functionality but don't pose a security risk.
Denial-of-service attacks or other malicious activities.
Socially engineered attacks (phishing, etc.).
Publicly known vulnerabilities (already patched or documented).
How to Report:
Email: Please send a detailed report to [email address removed]. Include the following information:
A description of the vulnerability, including steps to reproduce it.
Any screenshots or proof-of-concept code.
The version of Proomptify you are using (if applicable).
Your contact information (optional).
We Value Your Confidentiality: We will treat all vulnerability reports with confidentiality. We will not disclose your identity or any other sensitive information without your permission.
Our Response:
We will acknowledge receipt of your report within 48 hours.
We will investigate the reported vulnerability and work to fix it as soon as possible.
We will keep you informed of the progress of the investigation and fix.
We may publish a security advisory or release a patch to address the vulnerability.
Thank you for helping us keep Proomptify secure!