Trying to get in touch regarding a security issue

Question

Trying to get in touch regarding a security issue

Closed this issue 3 years ago · 2 comments

Hey there!

I belong to an open source security research community, and a member (@Firebasky) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

Answer 1 · 2022-02-13T03:49:08.000Z

This security issue has been fixed in the latest release 2.12

Answer 2 · 2022-02-13T07:52:29.000Z

@datageartech - are you able to mark the report as approved/rejected?

https://huntr.dev/bounties/ba28351f-791b-41e9-baaf-343eba07308c/