# Security Policy

## Reporting a Vulnerability

We take security seriously at TerriaJS. If you discover a vulnerability in TerriaJS software, please report it to us responsibly using the following steps:

1. **Contact Us**: Report a vulnerability to [security@terria.io](mailto:security@terria.io) or from the Security tab of this repository.
2. **Provide Information**: Include as much information as possible to help us verify the vulnerability. This may include:
   - Steps to reproduce the vulnerability
   - Potential impact assessment
   - Any proof of concept or exploit code
3. **Do Not Publicly Disclose**: Please do not publicly disclose the vulnerability until it has been resolved.

Thank you for helping keep TerriaJS secure!