instructure / canvas-lms

The open LMS by Instructure, Inc.
https://github.com/instructure/canvas-lms/wiki
GNU Affero General Public License v3.0
5.42k stars 2.42k forks

Trying to get in touch regarding a security issue #2184

Closed psmoros closed 1 year ago

psmoros commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@thewhiteevil) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

jstanley0 commented 1 year ago

Thank you for the suggestion. I've forwarded your request to our security team. Meanwhile you can direct your researcher to report the issue to security@instructure.com

psmoros commented 1 year ago

Thanks will do :)

Thewhiteevil commented 1 year ago

Hi everyone,

Maintainer, you have to accept this report through huntr.dev; you need repository owner-level access to read the report while it is private.

If I send mail and you solve it here, who will accept or reject it in huntr.dev? If I self-close the report, I will get negative points.

Hope you understand.

psmoros commented 1 year ago

Just sent the email :) @Thewhiteevil, self-closing no longer penalises your reputation.

Thewhiteevil commented 1 year ago

Thanks for the update. I will send mail soon.


maths22 commented 1 year ago

@Thewhiteevil Please do not report security issues directly on github issues, but rather report them by sending them to security@instructure.com

Thewhiteevil commented 1 year ago

Okay thank you.

Thewhiteevil commented 1 year ago

Personal mail sent to the @.***

Cheers!