Reporting a vulnerability
igibek opened this issue · 2 comments
Hello!
I hope you are doing well!
We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.
Can you enable it, so that we can report it?
Thanks in advance!
PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
Hi @igibek ,
Thanks for getting in touch. We were busy with release-related tasks in the last few weeks, so sorry about the late reply.
Do you have a Telerik account? If yes, then submit a non-technical ticket ("General Inquiry") via https://www.telerik.com/account/support-center/contact-us/licensing-support . Mention this issue in the ticket, so that it's routed to me or my team.
Otherwise, give us a few more days to check if we can enable the mentioned GitHub option (corporate stuff).