We take the security of egyscan seriously. If you discover any security-related issues or vulnerabilities, we encourage you to disclose them to us responsibly. We appreciate your cooperation and will work with you to address any valid concerns.
To report a security vulnerability, please email us at [email protected]. If possible, encrypt your message using our PGP key to prevent the information from being intercepted.
Public disclosure of security vulnerabilities before they have been addressed is strongly discouraged, and we request that you allow us adequate time to investigate and mitigate the issue before making any information public.
When reporting a security vulnerability, please provide the following information:
- Description of the vulnerability, including steps to reproduce it.
- Version of
egyscanin which the vulnerability is present. - Any other relevant details that may help in understanding and reproducing the issue.
We believe in responsible disclosure and will make every effort to acknowledge your report and keep you informed throughout the process. Once we receive your vulnerability report, we will:
- Confirm that we have received your report within [15] days.
- Begin investigating the issue, assigning it an initial severity level.
- Work with you to reproduce and understand the vulnerability, if needed.
- Develop and implement a fix for the vulnerability.
- Provide you with a timeline for when the fix is expected to be released.
Security fixes will be addressed in a timely manner and included in the next release after they have been thoroughly tested and confirmed.
The severity of reported vulnerabilities will be classified using the following scale:
- Critical: Vulnerabilities that could lead to system compromise, data breach, or unauthorized access.
- High: Significant vulnerabilities that could result in a system breach or unauthorized access.
- Medium: Moderate vulnerabilities that could potentially impact system integrity or confidentiality.
- Low: Minor vulnerabilities with limited potential for harm.
For security-related inquiries or to report a vulnerability, please contact us at [email protected].