Security Policy
Reporting Security Issues
We take the security of Avriox Shop seriously. If you believe you have found a security vulnerability, please report it to us as described below.
Please do NOT report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, please report them via email to: security@avrioxshop.com
Reporting Format
Please include the following information in your report:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Suggestions for mitigating the issue (if any)
Response Policy
When you submit a vulnerability report, you can expect:
- Confirmation of receipt within 24 hours
- Initial assessment and response within 48 hours
- Regular updates on the progress of the fix
- Notification when the vulnerability is fixed
Scope
This security policy applies to:
- The main Avriox Shop website (www.avrioxshop.com)
- All subdomains of avrioxshop.com
- Mobile applications (if applicable)
- API endpoints
Safe Harbor
We support responsible disclosure practices and do not take legal action against individuals who submit security vulnerability reports according to this policy.
Out of Scope
- DOS/DDOS attacks
- Spam attacks
- Social engineering attacks
- Physical security attacks
Recognition
We believe in recognizing security researchers who help us keep Avriox Shop secure. With permission, we will publicly acknowledge security researchers who report valid security vulnerabilities.