Since this is a personal portfolio website hosted on GitHub Pages, only the current live deployment is supported.
| Version | Supported |
|---|---|
| Live Deployment (main branch) | ✅ |
| Old Commits / Historical Code | ❌ |
As a Security Researcher, I welcome responsible disclosure. If you find a vulnerability in this portfolio (e.g., DOM-based XSS, Content Injection), please report it.
Please email me directly at bhushanladgaonkar@gmail.com with the subject line: [SECURITY] Vulnerability Report - Portfolio. Alternatively, you can use the Private Vulnerability Reporting tab in this repository to submit findings securely.
In your report, please include:
- Description of the vulnerability.
- Steps to reproduce (PoC).
- Impact analysis.
I will acknowledge your report within 48 hours.
In Scope:
- Source code logic errors.
- Client-side vulnerabilities (XSS, etc.) within my specific code.
Out of Scope (Do Not Attempt):
- DDoS or disruption of service (This is hosted on GitHub; don't attack their infrastructure).
- Social Engineering (Phishing, Spam).
- Physical Security attacks.
- Vulnerabilities affecting GitHub Pages infrastructure itself (report those to GitHub).
I pledge not to pursue legal action against researchers who:
- Identify and report vulnerabilities in good faith.
- Avoid exploiting the vulnerability to access data or harm the integrity of the site.
- Give me a reasonable amount of time to resolve the issue before public disclosure.
Thank you for helping keep the ecosystem secure.