search

neutronX / django-markdownx

Comprehensive Markdown plugin built for Django
https://neutronx.github.io/django-markdownx/
Other
854 stars 153 forks source link

Found a possible security concern #224

Closed JamieSlome closed 1 year ago

JamieSlome commented 2 years ago

Hey there!

I belong to an open source security research community, and a member (@noobexploiterhuntrdev) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

adi- commented 2 years ago

Please use https://github.com/neutronX/django-markdownx/blob/master/SECURITY.md

JamieSlome commented 2 years ago

@adi- - thanks! 👍

We will send an e-mail to this address shortly, otherwise, you can view the report directly here in the meantime:

https://huntr.dev/bounties/ec92e231-88cc-45d2-b792-ea106ec2a171/

It is private and only accessible to maintainers with repository write permissions!