| Version | Supported |
|---|---|
| 2.0.x | ✅ Yes |
- DO NOT open a public GitHub issue
- Email: Site@hotmail.com
- Subject:
[SAMA CSF Security] Brief description
- Acknowledgment: 48 hours
- Status update: 7 days
- Resolution: 30 days for critical issues
In scope: XSS vulnerabilities in the assessment UI, localStorage data exposure, malicious PDF generation, dependency vulnerabilities in Chart.js/jsPDF.
Out of scope: SAMA framework content accuracy (refer to SAMA), browser-specific localStorage limitations, issues requiring physical device access.
This tool stores all data in browser localStorage. No data is ever transmitted to external servers. Users should be aware that localStorage data can be accessed by other scripts on the same origin.