We take the security of our software products and services seriously, which includes all source code repositories managed through our GitHub repositories.

To report a security vulnerability, please use the following email address: contact@xtasks.pro.

We accept reports in the following languages:English or French.

When reporting a security issue, please include as much of the following information as possible to help us understand the nature and scope of the possible issue:

• Type of issue (e.g., buffer overflow, SQL injection, cross-site scripting, etc.)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit it
• This information will help us triage your report more quickly.

We aim to acknowledge receipt of your vulnerability report within 48 hours and will strive to keep you informed of the progress we're making toward resolving the issue.

Once we've resolved a reported security issue, we may disclose it publicly. We will coordinate the disclosure with the person who reported the issue to ensure that they are credited for their discovery.

We will publicly thank security researchers who follow this responsible disclosure policy, recognizing their contributions in our 'Hall of Fame' or 'Thank You' page.

We promise not to initiate legal action against researchers for disclosing vulnerabilities as long as they adhere to responsible disclosure guidelines, which includes reporting it to us and not publicly disclosing the issue until we've had a reasonable time to address it.