codefollower
commented
2 years ago Email Contact codefollower AT gmail.com
Closed JamieSlome closed 2 years ago
codefollower
commented
2 years ago Email Contact codefollower AT gmail.com
JamieSlome
commented
2 years ago @codefollower - thank you for your response.
Just for reference, you can view the report directly here:
https://huntr.dev/bounties/67fec76a-ddd9-4fec-b72d-53fd9601771c/
JamieSlome
commented
2 years ago E-mail sent as well! ❤️
codefollower
commented
2 years ago @JamieSlome Thanks
JdbcUtils.getConnection is legacy code of h2, lealone not use the method, i will remove it.
JamieSlome
commented
2 years ago @codefollower - thanks for your follow-up!
If you could approve/reject the vulnerability on the report, and confirm the fix, that would be much appreciated! ❤️
Hey there!
I belong to an open source security research community, and a member (@fturan0) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)