Closed psmoros closed 1 year ago
Thank you for the suggestion. I've forwarded your request to our security team. Meanwhile you can direct your researcher to report the issue to security@instructure.com
Thanks will do :)
Hi everyone,
Maintainer you have to accept this report through huntr.dev, you need repository owner level access to read report, until it is private.
If I send mail you solve it here, who will accept or reject in huntr.dev. If I self close the report I will get negative points.
Hope you understand.
Just sent the email :) @Thewhiteevil self closing no longer penalises your reputation
Thanks for the update. I will send mail soon.
Message ID: @.***>
@Thewhiteevil Please do not report security issues directly on github issues, but rather report them by sending them to security@instructure.com
Okay thank you.
Personal mail sent to the @.***
Cheers!
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@thewhiteevil) has found a potential issue, which I would be eager to share with you.
Could you add a
SECURITY.md
file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.Looking forward to hearing from you 👍
(cc @huntr-helper)