Skip to content

Security: hasib9797/vote-tracker

Security

SECURITY.md

Security Policy

Supported version

Security fixes are applied to the latest published major version of Vote Tracker.

Reporting a vulnerability

Do not open a public issue for a suspected vulnerability.

Use GitHub's private vulnerability reporting feature for:

  • Webhook signature bypasses
  • Replay-protection failures
  • Token or secret exposure
  • Authentication bypasses on statistics routes
  • Discord mention or interaction abuse
  • Dependency vulnerabilities with a practical impact

Include:

  • Affected version
  • Reproduction steps or a proof of concept
  • Expected and actual behavior
  • Potential impact
  • Suggested mitigation, if known

Do not include real production credentials or user data.

The maintainer will validate the report, coordinate a fix, and publish disclosure information after users have had a reasonable opportunity to update.

There aren't any published security advisories