-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@nicolai-h) has found a potential issue, which I would be eager to share with you.
Could you add a `SECU…
-
On 21.08.2024 we've reported several vulnerabilities to contact@projectsend.org in accordance with your [security policy](https://github.com/projectsend/projectsend?tab=security-ov-file). Despite a fr…
-
Hey there!
I belong to an open source security research community, and a member (@hitisec) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a `…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@deniegajacob) has found a potential issue, which I would be eager to share with you.
Could you add a `S…
-
ConcreteCMS has a security program over at https://hackerone.com/concretecms, please use that to report suspected security issues.
This specific CVE is not a vulnerability, the header tracking code…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@francoataffarel) has found a potential issue, which I would be eager to share with you.
Could you add a…
-
We discussed yesterday wanting to add a page outlining our philosophy about responsible disclosures.
Contents:
- What we're asking for and what we're offering re relating to outside security rese…
-
Hey there!
I belong to an open source security research community, and a member (@0xad3l) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a `S…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@n0psn0ps) has found a potential issue, which I would be eager to share with you.
Could you add a `SECUR…
-
In light of recent events BU should probably figure out a process for responsible disclosure of exploitable bugs. These should then probably be referenced in CONTRIBUTING.md.
As seen, sensitive fix…