SECURITY.md 739 B

Security Policy

Supported Versions

Version Supported
6.0.x :white_check_mark:
<= 5.4.x :x:

Reporting a Vulnerability

If you've found a security vulnerability in Zammad, please report the vulnerability exclusively via email to security@zammad.com.

We will get back to you as soon as possible and inform you about the next steps. Accepted vulnerabilities will be disclosed via patch level release with accompanying security advisory.

Rewards

Every first reporter of a vulnerability may be credited in the related security advisory.

Zammad does not offer financial compensation through a security bounty program.