- For security issues with high-impacts (e.g. related to payments or user permission), we support 3.8.x and all 4.x version. But the fix for 4.x will released only in latest sub-version.
- For all other security issues, we mainly support version >= 4.x (in which
xis the latest stable sub-version).
Please send the details about the security issue to support@cloudreve.org. Once the vulnerability is comfirmed or fixed, you will get updates from the email thread.
We will reward you with bounty/swag for success submission of securty issues.