Skip to content

Security: Gurge44/EndlessHostRoles

Security

Report a vulnerability

SECURITY.md

Security Policy for Endless Host Roles (EHR)

Ensuring the security of our community and mod is a top priority. This document explains how to responsibly report security issues and what to expect.

1. Reporting a Vulnerability

If you discover a security vulnerability in EHR (either in-game exploits or issues in the mod code), please report it privately through the EHR Discord server by opening a support ticket.

Include as much information as possible:

  • Steps to reproduce the issue
  • Video footage or screenshots demonstrating the problem
  • Logs from the mod (log.html, LogOutput.log, Errorlog.log)

Providing all three is ideal to help us understand and fix the issue quickly.

2. Response Time

We aim to respond to all security reports within the same day whenever possible.

3. Scope

This policy applies to:

  • In-game exploits or bugs that could be abused
  • Mod code vulnerabilities that could affect users or the community

4. Disclosure

  • Please do not publicly disclose any vulnerabilities until a fix has been released.
  • We will work to release a patch as soon as possible to resolve reported issues.

Thank you for helping us keep EHR safe and fair for all players. 💜

There aren’t any published security advisories