Since Nova is currently in alpha, there is no fixed versioning system.
Therefore, any code in the main branch is supported, and a vulnerability can be reported if it is found.
| Version | Supported |
|---|---|
| 0.x.x | ✅ |
Please do not publicly disclose vulnerabilities.
Instead, report a vulnerability privately here.
If the vulnerability you've discovered is severe, do also contact me using this form, and I will get back to you within 24 hours.
- Retrieval of any user information (of other users) such as passwords and emails
- Database infiltration
- Bypassing password-protected short URLs
- Manipulation of short URLs without authentication / manipulation of short URLs not owned by the authenticated user
- Retrieval of all or many short URLs at once