From d6c590ba04e12e82e07092737e94d7a05dec33cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20P=C3=A9rez=20Arias?= Date: Tue, 2 Sep 2025 09:08:29 +0200 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index b64f947..7d2ab70 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -13,19 +13,7 @@ We take the security of the project seriously. If you believe you have found a s **Please do not report security vulnerabilities through public GitHub issues.** -Instead, please report them via email to [vuln.disclosure@inditex.com](mailto:vuln.disclosure@inditex.com). You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message. - -Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: - -* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) -* Full paths of source file(s) related to the manifestation of the issue -* The location of the affected source code (tag/branch/commit or direct URL) -* Any special configuration required to reproduce the issue -* Step-by-step instructions to reproduce the issue -* Proof-of-concept or exploit code (if possible) -* Impact of the issue, including how an attacker might exploit it - -This information will help us triage your report more quickly. +Instead, please report them via our [disclosure submission program](https://vdp.inditex.com). ## Preferred Languages @@ -51,4 +39,4 @@ We support safe harbor for security researchers who: ## Third-party Security Notifications -We review security reports for our dependencies and follow responsible disclosure guidelines. \ No newline at end of file +We review security reports for our dependencies and follow responsible disclosure guidelines.