From e82a1e5d8897414e4eb72cf8302d7bed5c00dd58 Mon Sep 17 00:00:00 2001 From: Trent Nelson Date: Thu, 29 Dec 2022 16:48:19 -0700 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index 9e3a34a72a7c7e..b2ac019aa40571 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -117,6 +117,8 @@ The following components are out of scope for the bounty program * Bugs in dependencies. Please take them upstream! * Attacks that require social engineering * Any undeveloped automated tooling (scanners, etc) results. (OK with developed PoC) +* Any asset whose source code does not exist in this repository (including, but not limited +to, any and all web properties not explicitly listed on this page) ### Eligibility: * The participant submitting the bug report shall follow the process outlined within this document