|
|
|
@ -39,6 +39,10 @@ The vulnerability will be publicly announced after the release. Finally, your na
|
|
|
|
|
to the [hall of fame](https://hackerone.com/nextcloud/thanks) as a thank you from the entire Nextcloud
|
|
|
|
|
community.
|
|
|
|
|
|
|
|
|
|
If the vulnerability involves an app that is not maintained by Nextcloud (i.e. hosted by the
|
|
|
|
|
Nextcloud project but community maintained, or hosted elsewhere), the security team will try to coordinate with the
|
|
|
|
|
current maintainer and help to get the issue fixed in similar fashion.
|
|
|
|
|
|
|
|
|
|
### Bug Bounties
|
|
|
|
|
|
|
|
|
|
If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Details
|
|
|
|
@ -47,8 +51,7 @@ on past bounty ranges can be found at [hackerone.com/nextcloud](https://hackeron
|
|
|
|
|
## Existing Security Advisories
|
|
|
|
|
|
|
|
|
|
Published security advisories for the Nextcloud Server, Clients and Apps can be viewed at
|
|
|
|
|
[https://github.com/nextcloud/security-advisories/security/advisories](https://github.com/nextcloud/security-advisories/security/advisories
|
|
|
|
|
).
|
|
|
|
|
[https://github.com/nextcloud/security-advisories/security/advisories](https://github.com/nextcloud/security-advisories/security/advisories).
|
|
|
|
|
|
|
|
|
|
## Supported Versions
|
|
|
|
|
|
|
|
|
|