If you are operating your CloudLink server in a public-access environment, it is up to the server administrator to keep the server up-to-date.

All versions of CloudLink Legacy are to be considered deprecated and obsolete. If you are using CloudLink Legacy, you should consider upgrading.

If CloudLink has been updated, you are to assume that it will no longer be supported.

In the event of a security vulnerability is found, please use the following format to report it:

1. The time of Security Vulnerability being discovered in M/D/Y H:M:S Format
2. A severity level, ranging from low, medium, or high
3. Describe in detail what CloudLink should be doing.
4. Describe in detail what CloudLink is actually doing.
5. Provide a brief description of your application and environment. Include details such as the presence of a reverse proxy/tunneling service, the server machine's OS, Hardware specs, etc.
6. List the steps needed to reproduce the vulnerability.

Security vulnerabilities should be reported ASAP and will be taken care of as soon as I can.