We actively support the following versions with security updates:

| Version | Supported |
|---|---|
| Latest | ✅ |

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
Please do NOT report security vulnerabilities through public GitHub issues.
- Email: Send details to manirujjamanakash@gmail.com
When reporting a vulnerability, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (optional but appreciated)

Our response timeline:
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution Target: Within 30 days (depending on complexity)

After you submit a report:
- We will acknowledge receipt of your report
- We will investigate and validate the issue
- We will work on a fix and coordinate disclosure timing with you
- We will credit you in our security acknowledgments (unless you prefer to remain anonymous)

This Laravel application follows security best practices including:
- Input validation and sanitization
- CSRF protection on all forms
- SQL injection prevention via Eloquent ORM
- XSS protection through Blade templating
- Secure password hashing using bcrypt
- Environment-based configuration for sensitive data
- Access control and authorization checks
- Regular dependency updates
We would like to thank the following security researchers for responsibly reporting security issues:
We follow a coordinated disclosure policy:
- Security issues are fixed before public disclosure
- We aim to release patches within 30 days of confirmed reports
- Researchers are credited after the fix is released (with their permission)
For security-related inquiries, please contact the maintainers directly rather than opening a public issue, via:
- Email: manirujjamanakash@gmail.com