keystonejs / keystone-classic

Node.js CMS and web app framework
http://v4.keystonejs.com
MIT License
14.65k stars 2.21k forks source link

Trying to get in touch with you regarding a security issue #5007

Open huntr-helper opened 3 years ago

huntr-helper commented 3 years ago

Hi there,

I couldn't find a SECURITY.md in your repository and so am not sure how to best contact you privately to disclose the security issue.

Can you add a SECURITY.md file with your e-mail to your repository, so that I know who to contact? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.

Once you've done that, please let me know so I can ping you the info.

Thanks! (cc @JamieSlome)