If you discover a security vulnerability in cVinci, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please email us at security@cvinci.me with:
- A description of the vulnerability
- Steps to reproduce the issue
- The potential impact
- Any suggested fixes (if applicable)
We will acknowledge your report within 48 hours and work to resolve the issue as quickly as possible.
This policy covers:
- The cVinci web application at cvinci.me
- The cVinci API
- Public resume pages
We appreciate the security research community's efforts in helping keep cVinci and its users safe.