Found a possible security concern

Question

Found a possible security concern

JamieSlome opened this issue 2 years ago · comments

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@fish98) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

ozan (oz) s. yigit · Answer 1 · Wed Aug 03 2022 21:02:12 GMT+0800 (China Standard Time)

current maintainer email address (mine) is in readme. I may check in a SECURITY.md file later.

Jamie Slome · Answer 2 · Mon Aug 08 2022 21:19:41 GMT+0800 (China Standard Time)

@plan9 - I just sent an e-mail to the address specified in the README.md 👍

Just for reference, you can also find the report here:
https://huntr.dev/bounties/7272cdd2-c45a-4bbd-b13e-07c7d1c8e60b/