diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 000000000..fa6a94b18
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,33 @@
+# Security Policy
+
+## Supported Versions
+
+With some exceptions, only the latest minor official release of UserFrosting 5 (`5.0.x`) currently receive patches for security vulnerabilities. Previous minor versions won't be patched.
+
+As for UserFrosting 4, the latest minor version _might_ be patched if the fix is simple. It is recommended to upgrade to UserFrosting 5 at this time.
+No update shall be done to version older than `4.6.x` in any cases.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | :x: |
+| 5.0.x | :white_check_mark: |
+| 4.6.x | :x: |
+| < 4.6 | :x: |
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to the main contributors (listed below) by contacting us directly or on [Chat](https://chat.userfrosting.com).
+If you have a fix, don't hesitate to explain or attach it. Using the issue system should be avoided for suspected security vulnerabilities.
+We'll try our best to reply in due time. If the issue is confirmed, we will see to release a patch as soon as possible depending on complexity.
+
+Alternatively, you can submit a security advisory [through GitHub](https://github.com/userfrosting/UserFrosting/security/advisories/new).
+
+### Main contributors:
+- [@alexweissman](https://github.com/alexweissman)
+- [@lcharette](https://github.com/lcharette) - louis@bbqsoftwares.com
+- [@Silic0nS0ldier](https://github.com/Silic0nS0ldier)
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved please submit a
+pull request.
diff --git a/package-lock.json b/package-lock.json
index b3f9346b5..5da1fdc1a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -5234,9 +5234,9 @@
 "integrity": "sha512-xg2otcTJDvS+ERK+my4wxG/ASq90QURXtoM4LhacCq0jQW2jbyjdttbRNqU2cPykrpMvJ6b2uSp6SAgYAzj9tQ=="
 },
 "node_modules/follow-redirects": {
- "version": "1.15.3",
- "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz",
- "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==",
+ "version": "1.15.4",
+ "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz",
+ "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==",
 "dev": true,
 "funding": [
 {