Closed lirantal closed 5 years ago
Hey there, sorry I didn't see this until now. I'm happy to address the issue... what's going on?
@khrome hi, can you check your inbox (maybe spam folder) for an invite from HackerOne platform? otherwise give me your e-mail address again so I can invite you to the relevant report to further discuss.
Hello,
As a member of the Node.js Security WG I would like to draw your attention to a security report that has been made regarding this issue.
I have made attempts to contact the person identified as a maintainer of this package but did not get any answer. What is the best way to reach someone with commit rights over this repo and hopefully npm publishing rights as well, in order to invite them to privately discuss the issue on the HackerOne platform and provide a resolution?
Thanks, Liran.
References: