Thank you for helping keep EduEmpower secure and reliable! This document outlines our security guidelines and responsible disclosure process.

If you discover a security vulnerability, please do not create a public issue.

Instead, report it privately via:

• 📧 Email: [email protected]
• Or, reach out via GitHub DM if email is unavailable.

We’ll investigate and respond within 48 hours. Once confirmed, we’ll work with you on a resolution timeline and credit you accordingly (if desired).

Please report vulnerabilities such as:

• 🧨 Code injection (e.g., XSS, SQL injection)
• 🚫 Authorization or authentication bypass
• 🕵️‍♀️ Sensitive data exposure
• ⚠️ Logic flaws that could lead to abuse
• 🧬 Misconfigurations in third-party integrations

• We will respond promptly
• We will not take legal action against responsible disclosures
• We will keep your report confidential until resolved
• We will credit you in security updates, if you want

We appreciate the effort and time of security researchers and ethical hackers who help make EduEmpower better and safer.

Made with ❤️ to protect student data and trust.