From f77df43d7a24d8659b4d54d83b0674c6545fa8ab Mon Sep 17 00:00:00 2001 From: Andy Miller <1084697+rhukster@users.noreply.github.com> Date: Mon, 4 Mar 2024 15:49:48 -0700 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index ffe8f79023..d0b04b0329 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -22,6 +22,15 @@ Please contact security@getgrav.org with a detailed explanation of the security >> NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability. +## Note on Security Severity + +IMPORTANT!!! Please use the following guidlines when selecting a **Severity**. Submitted advisories that are marked **High** or **Critical** that don't meet the guidelines below will be cliosed. + +* **CRITICAL** - no account required, can modify content, or run malicious code or nefarious activity without any access. +* **HIGH** - publisher level account able to run malicious code or nefarious activity, or other high level security things. +* **MODERATE** - admin level account able to run malicious code or do nefarious things. other moderate security things. +* **LOW** - super admin level account able to run malicious code or do nefarious things. other minor security things. + ## Bug Bounties We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found.
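Review bot: The **CRITICAL** bullet in the added "Note on Security Severity" section is ambiguous: "no account required, can modify content, or run malicious code" reads as three alternatives, so any issue that "can modify content" could be rated Critical whatever account it needs. Consider wording such as "no account required and able to modify content or run malicious code". The intro line has two typos, "guidlines" and "cliosed" (for "guidelines" and "closed"), which matter here because this sentence is what tells reporters their advisory may be closed. The catch-all phrases "other high level security things", "other moderate security things" and "other minor security things" give a reporter no criterion to apply, and the tiers name "publisher", "admin" and "super admin" accounts without defining them or saying where a lower-privileged account falls. A one-line definition of each role, or one example per tier, would make the closing rule enforceable. The **MODERATE** and **LOW** bullets also start their second sentence in lower case ("other moderate security things."), unlike the rest of the file shown in the context lines.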