Skip to content

Security: Horizon-Hosting/.github

SECURITY.md

Security Policy

Horizon Hosting takes the security of our software, products, and services seriously, this includes all our repositories managed through our GitHub organization.

If you believe you have found a security vulnerability in any repository or software owned by Horizon Hosting that meets our definition of a security vulnerability, please report it to us via github, or email us at vulnerabilities[at]horizonnetworks.uk.

Our Definition of a Vulnerability

We define a security vulnerability to be a weakness in a product, service, or software that could allow an attacker to comprimise the integrity, availability, or data of that product, service, or software.

Reporting a Vulnerability

Please do not report security vulnerabilities publically (e.g. through discord, creating a GitHub issue).

If you believe that the security issue you have found is considered to be a vulnerability under our definition then please report it to us via github, or email us at vulnerabilities[at]horizonnetworks.uk.

After submitting a report, you should recieve an automated response, if you don't recieve this message, it is highly likely that we did not recieve your email, if this happens, please resend your email.

When reporting an issue, please including the information listed below to ensure we can resolve it as fast as possible:

  • Type of issue (e.g. SQL injection, etc)
  • Paths of source file(s) related to the issue
  • The location of affected code (if the project is closed source, send the URL)
  • Steps needed to reproduce the issue
  • Proof of exploit or consept for exploit
  • Impact of the issue