If you discover a security vulnerability in Invoicetronic Desk, please report it responsibly.
Do not open a public GitHub issue.
Instead, email info@invoicetronic.com with:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: within 48 hours
- Initial assessment: within 5 business days
- Fix or mitigation: as soon as possible, depending on severity
| Version | Supported |
|---|---|
| 1.x | Yes |
| < 1.0 | No |
We follow coordinated disclosure. Once a fix is released, we will:
- Publish a GitHub Security Advisory
- Credit the reporter (unless they prefer anonymity)
- Include details in the changelog