Yomguithereal
commented
2 years ago Hello @JamieSlome. If this security issue does not involve personal credentials or secret tokens you can very well disclose it here.
Closed JamieSlome closed 2 years ago
Yomguithereal
commented
2 years ago Hello @JamieSlome. If this security issue does not involve personal credentials or secret tokens you can very well disclose it here.
JamieSlome
commented
2 years ago @Yomguithereal - you can find the report here:
https://huntr.dev/bounties/1529a17d-3d26-41e9-906a-8ebc3593a513/
Hey there!
I belong to an open source security research community, and a member (@ranjit-git) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)