We take security seriously and aim to promptly address any issues. Here is the current status of our support for various versions of the website.
| Version | Supported |
|---|---|
| v1.x.x | ✅ |
| v0.x.x | ❌ |
If you believe you've discovered a security vulnerability on our financial literacy website, please follow the steps below to report it.
Please do not publicly disclose the vulnerability until we have had the opportunity to investigate and resolve it.
Contact our security team at [email protected](mailto:[email protected]) with the following details:
- A description of the vulnerability and its impact.
- Steps to reproduce the vulnerability.
- Any additional information that may help us understand the scope and potential threat.
We will acknowledge your report within 48 hours and aim to provide a response with further details within 5 business days. You can expect:
- An assessment of the issue.
- Steps we will take to mitigate the risk.
- A timeline for the resolution.
If your report leads to a code or configuration change that improves the security of the website, we may offer a bounty as a token of our appreciation. Please inquire in your report if you are interested in this program.
The following areas of the website are in scope for security testing:
- User authentication and authorization
- Financial data handling and transactions
- API endpoints
- Payment systems (if applicable)
- User data protection mechanisms
The following areas are out of scope:
- Third-party applications integrated with the website
- Denial of Service (DoS) attacks
- Physical security vulnerabilities
We will regularly update users about any major security updates and patches through our website and email notifications.
Thank you for helping us keep our platform safe for everyone.