Update SECURITY.md

getgrav · Mar 4, 2024 · d69adcf · d69adcf
1 parent 45e2c27
commit d69adcf
Showing 1 changed file with 9 additions and 9 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -10,6 +10,15 @@ We are focusing our security updates on the following versions
 | 1.6.x   | :warning:          |
 | < 1.6   | :x:                |
 
+## :pushpin: Note on Security Severity
+
+> NOTE: Please use the following guidlines when selecting a **Severity**.  Submitted advisories that are marked **High** or **Critical** that don't meet the guidelines below will be cliosed.
+
+* **CRITICAL** - no account required, can modify content, or run malicious code or nefarious activity without any access.
+* **HIGH** - publisher level account able to run malicious code or nefarious activity, or other high level security things.
+* **MODERATE** - admin level account able to run malicious code or do nefarious things. other moderate security things.
+* **LOW** - super admin level account able to run malicious code or do nefarious things. other minor security things.
+
 ## :warning: Versions
 
 Versions with :warning: will be supported for security issues, however you won't be able to update to them, you will need to manually update through the [`direct-install` command](https://learn.getgrav.org/17/admin-panel/tools).
@@ -22,15 +31,6 @@ Please contact security@getgrav.org with a detailed explanation of the security
 
 > NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability.
 
-## :pushpin: Note on Security Severity
-
-> NOTE: Please use the following guidlines when selecting a **Severity**.  Submitted advisories that are marked **High** or **Critical** that don't meet the guidelines below will be cliosed._
-
-* **CRITICAL** - no account required, can modify content, or run malicious code or nefarious activity without any access.
-* **HIGH** - publisher level account able to run malicious code or nefarious activity, or other high level security things.
-* **MODERATE** - admin level account able to run malicious code or do nefarious things. other moderate security things.
-* **LOW** - super admin level account able to run malicious code or do nefarious things. other minor security things.
-
 ## :bug: Bug Bounties
 
 We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found.