Only the latest master and development branches are supported with security updates. The master branch represents the last published version, whereas the development branch represents the upcoming version.

I only support the latest published, stable Joomla version in the 3.x version range. I do not support Joomla alphas, betas or release candidates (testing releases). If a security issue only occurs with a testing release I will consider it but I cannot promise a rapid resolution.

Please DO NOT file a GitHub issue about security issues. GitHub issues are public. Filing an issue about a security issue puts all users, you included, in immediate danger.

Please use my business contact page to send me a private notification about the security issue. I strongly recommend using GPG to encrypt your email. You can find my public GPG key at https://keybase.io/nikosdion

Please include instructions to reproduce the security issue. Better yet, please include Proof Of Concept code if applicable.

I aim to reply within a business week (5 working days excluding bank holidays). I request a period of 60 to 90 calendar days since I receive adequate information to reproduce the issue before public disclosure so I have time to address the security issue, publish a new version and make sure everyone is updated.