Closed JamieSlome closed 2 years ago
fixed in PR #691
@fklassen - thanks for the quick turnaround time - we appreciate your response! ⚡
Just for reference, the two reports can be found here:
https://huntr.dev/bounties/65623875-cd71-40f7-8473-a9b708bf9de9/ https://huntr.dev/bounties/66188e65-b9bc-40e0-acbd-09369fc2f8b4/
It is private and only accessible to maintainers with repository write permissions! 👍
Hey there!
I belong to an open source security research community, and a member (@zfeixq) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.md
file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)