I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@zonia3000) has found a potential issue, which I would be eager to share with you.
Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.
I've added SECURITY.md file with a method of providing vulnerabilities reports (via GitHub). Thank you and please let me know if you have any comments/suggestions.
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@zonia3000) has found a potential issue, which I would be eager to share with you.
Could you add a
SECURITY.md
file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.Looking forward to hearing from you 👍
(cc @huntr-helper)