We take the security of SDGP.lk seriously. If you discover any security vulnerabilities, please do not publicly disclose them through GitHub issues or discussions.
Instead, report them privately and responsibly using the following methods:
- Email: security@sdgp.lk
- WhatsApp (Confidential, verified contact): https://wa.me/94766867362?text=Security%20issue%20found%20in%20SDGP.lk
Please include the following details in your report:
- A clear description of the vulnerability
- Steps to reproduce (if possible)
- Potential impact
- Any mitigation you recommend (optional)
We will acknowledge your report within 3 working days and aim to provide a fix or mitigation timeline within 7 days. Where appropriate, we may credit you as a security contributor after resolution.
All valid reports will be treated confidentially. Public disclosure will only be made after a fix is released and discussed with the reporter.
Do not exploit or test vulnerabilities in production without permission. Doing so may violate local laws and our terms of use.
Any unauthorized access attempts, tampering, or exploitation of this platform will be treated as a criminal offense and may be prosecuted under Sri Lankan ICT and Cybersecurity Laws.
SDGP.lk is a platform developed to Informatics Institute of Technology (IIT) for commercial and academic purposes. All rights are reserved by the creators, and security abuses will not be tolerated.
We reserve the right to take legal action and notify relevant authorities in case of malicious behavior.
Thank you for helping make SDGP.lk secure and reliable for our users and stakeholders.