Generally, the latest release will be supported. Nightly branches are never supported unless the author supports it
| Version | Supported |
|---|---|
| 1.0.0 | ❌ |
| 1.1.0 | ❌ |
| 1.1.1 | ✔️ if machine is not Linux |
| 1.2.0 | ✔️ in all circumstances |
| Any nightly branch | ❌ |
A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its loading plugin.
Vulnerabilities that are out of scope are defined as those that NoSession itself cannot prevent.
However, if you can produce a patch for an out-of-scope vulnerability, a bug bounty will be awarded as well.
The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first served basis.
Report the bug bounty by sending a DM to pandaninjas on Discord.
If you would like, you can encrypt the message with my public PGP key
Your bug bounty may be invalidated if you disclose it to the public before. You must be the first to report a vulnerability