Version | Supported |
---|---|
0.4.x | ✅ |
0.3.x | ❌ |
0.2.x | ❌ |
0.1.x | ❌ |
To report a vulnerability, please make a submission on Huntr.dev. Their website should give you a good idea on how to make a good vulnerability report. It's important to make the submission there as it keeps the vulnerability private which helps ensure it can't be exploited while a patch is in the works.
If you have a suggestion that is related to security but not an actual exploit, then creating an issue on GitHub is a suitable place.
Usually a good report should include which file(s) has the exploit, how the vulnerability could be exploited, the potential ramifications of the vulnerability, a proof of concept exploit, and if possible insight into a solution. A proper vulnerability report is awarded with a cash reward, if you provide a patch there is usually a reward with that as well.
Reporting bugs This section guides you through submitting a bug report for FOSSBilling. Following these guidelines helps maintainers and the community understand your report 📝, reproduce the behavior 💻 💻, and find related reports 🔎.
Before creating bug reports, please check this list as you might find out that you don't need to create one. When you are creating a bug report, please include as many details as possible.
Note: If you find a Closed issue that seems like it is the same thing that you're experiencing, open a new issue and include a link to the original issue in the body of your new one.
Before Submitting A Bug Report Perform a cursory search to see if the problem has already been reported. If it has and the issue is still open, add a comment to the existing issue instead of opening a new one.
A detailed guide can be found here: CONTRIBUTING. However if you're still unsure or it's too much to read drop a message on Discord. Sometimes it takes time to respond; please be patient!