Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in HirePath, please report it responsibly.

How to Report

Do not open a public issue
Email the project owner with details of the issue
Include steps to reproduce and potential impact

What to Expect

Acknowledgement within 48 hours
Fix or mitigation as soon as possible
Public disclosure only after a fix is released

Supported Components

Security considerations apply to:

Backend API (Spring Boot)
Database access (SQL)
Automation tools (Python)
Input validation (Regex utilities)

Best Practices Followed

Input validation on APIs
ORM-based database access
Separation of concerns
Minimal exposure of sensitive data

Thank you for helping keep this project secure.

There aren't any published security advisories