Thank you for helping keep DoubtDesk and its users safe.
At this time, only the latest version of DoubtDesk is actively supported with security updates.
| Version | Supported |
|---|---|
| Latest Release | ✅ |
| Older Versions | ❌ |
If you discover a security vulnerability, please do not create a public GitHub issue.
Instead, report the issue privately to the project maintainers through GitHub or any official communication channel provided by the maintainers.
When reporting a vulnerability, please include:
- A clear description of the issue
- Steps to reproduce the vulnerability
- Potential impact
- Screenshots or proof-of-concept details (if applicable)
The maintainers will review security reports as soon as possible and aim to acknowledge reports within 72 hours.
After verification, maintainers will investigate the issue, develop a fix, and coordinate responsible disclosure when appropriate.
Examples of security issues include:
- Authentication bypass
- Unauthorized access to classrooms or user accounts
- Privilege escalation
- Sensitive information disclosure
- Database exposure
- Vulnerabilities affecting student or teacher data
The following are generally not considered security issues:
- UI or styling bugs
- Feature requests
- Documentation issues
- Minor usability concerns
Please avoid publicly disclosing security vulnerabilities until the maintainers have had a reasonable opportunity to investigate and address the issue.
Thank you for helping improve the security of DoubtDesk.