The following versions of Wanderlust are currently supported with security updates:
| Version | Supported | Notes |
|---|---|---|
| 1.0.x | ✅ | Current stable release |
| < 1.0 | ❌ | Pre-release versions |
Note: This project is built with Node.js, Express.js, MongoDB, and EJS templating engine.
We take security vulnerabilities seriously and appreciate your help in keeping Wanderlust secure.
Please do NOT report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities directly via email:
- Email: koushik369mondal@gmail.com
- Subject: [SECURITY] Wanderlust Vulnerability Report
When reporting a security vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Any suggested fixes or mitigation strategies
- Your contact information for follow-up questions
- Initial Response: Within 3 business days of receiving your report
- Status Updates: We will keep you informed of our progress
- Resolution: Timeline depends on complexity, but we prioritize security issues
- We will acknowledge receipt of your vulnerability report promptly
- We will investigate all legitimate reports and do our best to quickly fix the problem
- We will notify you before any public disclosure of the vulnerability
- We will credit you (if desired) for responsibly disclosing the issue
This security policy applies to:
- The main Wanderlust application
- All components including Node.js backend, Express routes, MongoDB integrations
- EJS templates and client-side JavaScript
- All dependencies and third-party packages
Thank you for helping us maintain the security of Wanderlust!