You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 lines
1.4 KiB
22 lines
1.4 KiB
# Security Policy
|
|
|
|
## Supported versions and past security incidents
|
|
|
|
You can find up-to-date information on the security status of each version on <https://getkirby.com/security>.
|
|
|
|
## Security of your Kirby site
|
|
|
|
We have a detailed [security guide](https://getkirby.com/docs/guide/security) with information on how to keep your Kirby installation secure.
|
|
|
|
## Reporting a vulnerability
|
|
|
|
If you have spotted a vulnerability in Kirby's core or the Panel, please make sure to let us know immediately. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
|
|
|
|
You can always contact us directly at **<security@getkirby.com>**.
|
|
If you want to encrypt your message, our GPG key is [6E6B 057A F491 FFAD 363F 6F49 9101 10FA A459 E120](https://getkirby.com/pgp.asc).
|
|
|
|
You can also use the [security advisory form on GitHub](https://github.com/getkirby/kirby/security/advisories/new) to securely and privately report a vulnerability to us.
|
|
|
|
We will send you a response as soon as possible and will keep you informed on our progress towards a fix and announcement.
|
|
|
|
**Please do not write to us publicly, e.g. in the forum, on Discord or in a GitHub issue. A public report can give attackers valuable time to exploit the issue before it is fixed. By letting us know directly and coordinating the disclosure with us, you can help to protect other Kirby users from such attacks.**
|
|
|