Skip to content

Security: arpit2006/CampussCompass

Security

SECURITY.md

Security Policy

CampusCompass is dedicated to maintaining the security of our application and the data of students who use it. We encourage responsible disclosure of vulnerabilities.

Supported Versions

Only the latest active development branch receives security updates.

Version Supported
v1.x
< v1.0

Reporting a Vulnerability

Please do not report security vulnerabilities publicly using GitHub Issues.

If you discover a security vulnerability in CampusCompass (e.g., authentication bypass, data exposure, XSS, etc.), please report it privately:

  1. Send an email to the security team at arpitshirbhate25@gmail.com (or contact the repository owner).
  2. Include a detailed description of the vulnerability.
  3. Provide step-by-step instructions or a proof-of-concept (PoC) script to reproduce the issue.
  4. Tell us what system environment you tested it on.

Our Response Process

  • We will acknowledge receipt of your report within 48 hours.
  • We will work to investigate, reproduce, and fix the issue.
  • A patch will be merged, and a security advisory will be published once the fix is deployed.
  • We request that you keep the report confidential until we can release a patch to protect other users.

There aren't any published security advisories