search

openkm / document-management-system

OpenKM is a Open Source Document Management System
https://www.openkm.com/
GNU General Public License v2.0
708 stars 308 forks source link

Who to contact for security issues #361

Closed psmoros closed 12 months ago

psmoros commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@ahrixia) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

darkman97i commented 1 year ago

Fill this form https://www.openkm.com/en/contact.html

ahrixia commented 1 year ago

Hi, I have already mailed someone after getting a reply from contact form. It's been weeks and no updates. Could you please check thanks!

darkman97i commented 1 year ago

can tell us the subject you used?

ahrixia commented 12 months ago

@darkman97i I emailed to Jllort and the subject was "Security Bug: OpenKM"

darkman97i commented 12 months ago

Nothing was found with this subject. Send the email again indicating "community edition security issues #361"

https://www.openkm.com/en/contact.html

ahrixia commented 12 months ago

Hi,

I just sent a new email on the same email which was provided before. I have added the new subject. Please let me know if you received. Thank you.

Get Outlook for iOShttps://aka.ms/o0ukef

From: Josep Llort Tella @.> Sent: Tuesday, November 28, 2023 6:51:57 PM To: openkm/document-management-system @.> Cc: Astik Rawat @.>; Mention @.> Subject: Re: [openkm/document-management-system] Who to contact for security issues (Issue #361)

Nothing was found with this subject. Send the email again indicating "community edition security issues #361https://github.com/openkm/document-management-system/issues/361"

https://www.openkm.com/en/contact.html

— Reply to this email directly, view it on GitHubhttps://github.com/openkm/document-management-system/issues/361#issuecomment-1829572263, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AISFMYYF2ISBTSGODV4AQD3YGW643AVCNFSM6AAAAAA6GW6VDWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMRZGU3TEMRWGM. You are receiving this because you were mentioned.Message ID: @.***>

darkman97i commented 12 months ago

Got it, thanks.