Closed hmaverickadams closed 2 years ago
Hello!
Sorry, I've been away taking some time off for the last 3 weeks. Sure, my contact details can be found on my website: https://starbeamrainbowlabs.com
See also me twitter: @SBRLabs
Creating public GitHub repos for security issues before disclcoing is NOT responsible disclosure:
You have deleted the issues on these repos that I opened to try and contact you. I have my email address and contact instructions in these places:
....so I'm surprised you can't find my email address.
I'm beginning a systematic review of every line of code in Pepperminty Wiki for the issues described in the above repositories (though the wiki name one is hardly a properly vulnerability considering you need the site secret to fill in that form, and then you can't fill it in again - still I've fixed it anyway).
Phew, that took forever. Making a new release.
Since you're not replying and I'm pretty sure I've fixed the issue, I'm closing this issue. If there's more to discuss, I'll happily re-open.
Hi,
I am a penetration tester and discovered a couple of vulnerabilities within your application. I will be applying for CVE status on the findings, but would like to work with you on the issues if possible. I could not locate an email, so please feel free to shoot me your contact info if possible.
Thank you!