Closed JamieSlome closed 2 years ago
is this potential issue too sensitive to just create a (public) issue here in this repo?
also you create a ton of issues exactly like this, without disclosing any security vulnerabilities
is this just a scheme to promote your company, huntr helper? 😉
fwiw, no results for furl when searching on huntr.dev:
@gruns - thanks for all of your feedback on the above.
SECURITY.md, so that maintainers can select an e-mail address where they want reports to go, plus we can authorize the address that's been created by a permitted maintainer. Until we have that e-mail address, we don't disclose it.

Also:
And feel free to check out the thousands of vulnerabilities found previously by our researchers:
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@ooggle) has found a potential issue, which I would be eager to share with you.
Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍
(cc @huntr-helper)