增加安全策略

SECURITY.md

@@ -0,0 +1,16 @@
+## Security Policy 安全策略
+
+### Supported Versions 支持的版本
+| Version | Supported          |
+| ------- | ------------------ |
+| 2.0     |    [ ✓ ]           |
+| 1.9.x   |    [ ✓ ]           |
+| < 1.9.x |    [ × ]           |
+
+### Reporting a Vulnerability 报告漏洞
+We strongly encourage you to report security vulnerabilities to our private security mailing list: ttuuffuu@163.com or 2581047041@qq.com - first, before disclosing them in any public forums.
+
+This is a private mailing list where only members of the JiZhiCMS internal security team are subscribed to, and is treated as top priority.
+
+我们强烈建议您向我们的私人安全邮件列表报告安全漏洞：`ttuuffuu@163.com` 或 `2581047041@qq.com`，在任何公开论坛上披露之前。
+这是一个私人邮件列表，只有 `JiZhiCMS` 内部安全团队的成员才能订阅，并被视为最高优先级。