ソースを参照

More complete security

Laurent Destailleur 4 年 前
コミット
241ce8c3b7
1 ファイル変更1 行追加1 行削除
  1. 1 1
      SECURITY.md

+ 1 - 1
SECURITY.md

@@ -69,7 +69,7 @@ ONLY vulnerabilities discovered, when the following setup on tested platform is
 * The module DebugBar must NOT be enabled (by default, this module is not enabled. This is a developer tool)
 * The module ModuleBuilder must NOT be enabled (by default, this module is not enabled. This is a developer tool)
 * The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this protection should be enabled soon by default)
-* ONLY security reports on "stable" modules are allowed (troubles into "experimental" and "developement" modules are not accepted).
+* ONLY security reports on modules provided by default and with the "stable" status are allowed (troubles into "experimental", "developement" or external modules are not accepted).
 
 Scope is the web application (back office) and the APIs.