Update security policy and issue template

Because Spring Framework already has a security policy, this shows up in
the issue template automatically. This commit removes the extra external
link and updates the original security policy.

See gh-33711

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +1,5 @@
 blank_issues_enabled: false
 contact_links:
-  - name: Security issue
-    url: https://github.com/spring-projects/security-advisories/security/advisories/new
-    about: Security issues must be disclosed and discussed in private. See https://spring.io/security-policy
   - name: Asking for help
     url: https://stackoverflow.com/tags/spring
     about: The Spring team is using StackOverflow for questions.

SECURITY.md

@@ -1,16 +1,11 @@
-# Security Policy
+# Reporting a Vulnerability
+
+You can create a [draft security advisory here](https://github.com/spring-projects/security-advisories/security/advisories/new).
+Security issues must be disclosed and discussed in private. Please check out our [security policy](https://spring.io/security-policy).
+Note that we can only accept vulnerabilities against [supported versions](https://spring.io/projects/spring-framework#support).
 
 ## JAR signing
 
 Spring Framework JARs released on Maven Central are signed.
 You'll find more information about the key here: https://spring.io/GPG-KEY-spring.txt
 
-## Supported Versions
-
-Please see the
-[Spring Framework Versions](https://github.com/spring-projects/spring-framework/wiki/Spring-Framework-Versions)
-wiki page.
-
-## Reporting a Vulnerability
-
-Please see https://spring.io/security-policy.