InvenTree/SECURITY.md

# Security Policy

The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software.
We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.

## Reporting a Vulnerability

Please report security vulnerabilities by emailing the InvenTree team at:

```
security@inventree.org
```

Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.


The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 dates of reporting.
Add security.md (#3190) * Create SECURITY.md Add a security disclosure policty document (cherry picked from commit 35b7d51cf20b2e80ddbb7a337e8ab472a6f36300) * Adds desired target for resolution (cherry picked from commit 828163848aedd40d5007f1830fcd0fc800647841) 2022-06-13 22:09:51 +00:00			`# Security Policy`

			`The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software.`
			`We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.`

			`## Reporting a Vulnerability`

			`Please report security vulnerabilities by emailing the InvenTree team at:`

			```
			`security@inventree.org`
			```

			`Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.`


			`The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 dates of reporting.`