Quigley Group Security Policy

Reporting Security Issues

The Quigley Group team takes security issues seriously. We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.

To report a security issue, please email security@quigley.group with a detailed description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.

Security Response Process

When we receive a security bug report, we will take the following steps:

  1. Confirm the issue and determine the affected versions.
  2. Audit code to find any potential similar issues.
  3. Prepare fixes for all releases still under maintenance.
  4. Communicate with the reporter as we make progress.

Security Updates

Security updates will be released as part of our regular update process or as out-of-band patches depending on severity.

Public Disclosure Timing

We aim to disclose issues in a coordinated fashion after a patch is ready. We request that you do not disclose the vulnerability publicly until we have had a chance to address it.

Thank you for helping keep Quigley Group and our users safe!