CampusCompass is dedicated to maintaining the security of our application and the data of students who use it. We encourage responsible disclosure of vulnerabilities.
Only the latest active development branch receives security updates.
| Version | Supported |
|---|---|
| v1.x | ✅ |
| < v1.0 | ❌ |
Please do not report security vulnerabilities publicly using GitHub Issues.
If you discover a security vulnerability in CampusCompass (e.g., authentication bypass, data exposure, XSS, etc.), please report it privately:
- Send an email to the security team at arpitshirbhate25@gmail.com (or contact the repository owner).
- Include a detailed description of the vulnerability.
- Provide step-by-step instructions or a proof-of-concept (PoC) script to reproduce the issue.
- Tell us what system environment you tested it on.
- We will acknowledge receipt of your report within 48 hours.
- We will work to investigate, reproduce, and fix the issue.
- A patch will be merged, and a security advisory will be published once the fix is deployed.
- We request that you keep the report confidential until we can release a patch to protect other users.