Skip to content
Isaac Bennetch edited this page Jun 21, 2016 · 1 revision
  • This document itself is currently in draft form. *

This is a guide for the security team when preparing a PMASA draft.


This should be informative but not overly detailed; we don't want to overwhelm people (those who are curious can always look at the code). A few sentances are usually all that is needed.


  • Critical: Things like unauthenticated users being able to log in or executing random PHP code.
  • Moderate: Where an authenticated user can attack themselves or other authenticated users.
  • Non-critical (maybe needs a better term): Generally where a user can attack themselves only or cause inconvenience to other users.
  • Advisory: With mentioning but not very likely to be exploited.


Identify the reporter based on their preferred means. This can include a website or Twitter username.

Category:Security Category:Devel

Clone this wiki locally