... | ... | @@ -21,8 +21,8 @@ Examples: |
|
|
- add the QVE-ID to the issue's title.
|
|
|
Example: `Everyone can revoke CRON-service registration (QVE-71-2019-1)`
|
|
|
- describe what the vulnerability does
|
|
|
- if possible describe how to exploit the vulnerability
|
|
|
- if possible reference the code that causes the vulnerability
|
|
|
- describe how to exploit the vulnerability if possible
|
|
|
- reference the code that causes the vulnerability if possible
|
|
|
- tag the issue with the `QVE`-QUIQQER-group-label
|
|
|
- tag the issue with the `Security`-QUIQQER-group-label
|
|
|
- mark the issue as confidential if it's a severe vulnerability
|
... | ... | |