Merge pull request #913 from eliashaeussler/task/security-policy

eliashaeussler · web-flow · commit 37a9959f31ed · 2025-07-26T20:27:15.000+02:00
[DOCS] Refine security policy
diff --git a/SECURITY.md b/SECURITY.md
@@ -3,29 +3,10 @@
 Please follow the guidelines below to contact us if you believe you have discovered a
 security vulnerability in this project.
 
-## Reporting a Vulnerability
+> [!CAUTION]
+> **Please do not open GitHub issues for security vulnerabilities.**
 
-**Please do not open GitHub issues for security vulnerabilities.**
-
-Instead, please send an email to [security@haeussler.dev](mailto:security@haeussler.dev).
-Your report should include the following details:
-
-* The exact version or version range that you analysed.
-* The TYPO3 version that you used for your analysis.
-* A step-by-step explanation of how to exploit the potential vulnerability.
-
-You can use the following GPG/PGP key ID to optionally encrypt your messages to
-[security@haeussler.dev](mailto:security@haeussler.dev):
-
-* Key ID: `6FA2DFA7`
-* Fingerprint: `277A 831A DA60 115C 3652  0011 0AB0 D6CA 6FA2 DFA7`
-
-You can download the public key from the following sources:
-
-* [haeussler.dev](https://haeussler.dev/gpg-security)
-* [keys.openpgp.org](https://keys.openpgp.org/vks/v1/by-fingerprint/277A831ADA60115C365200110AB0D6CA6FA2DFA7)
-
-> [!NOTE]
-> You can also contact the _TYPO3 Security Team_ in case you have discovered a potential security
-> vulnerability. Please read [TYPO3's Security Policy](https://github.com/TYPO3/typo3/blob/main/SECURITY.md)
-> for more information.
+Instead, contact the [TYPO3 Security Team](https://typo3.org/community/teams/security)
+in case you have discovered a potential security vulnerability. Please also consult
+[TYPO3's Security Policy](https://github.com/TYPO3/typo3/blob/main/SECURITY.md) for
+further information.
