Do not report security vulnerabilities through public GitHub issues.
If you believe you've found a security issue, please send an email to [email protected] with the following information:
- Affected versions
- Step-by-step instructions to reproduce the issue
- Impact of the issue, including how an attacker might exploit the issue
- Possible mitigations for the issue
- Proof-of-concept or exploit code (if possible)
You should receive a response within 2 days. If for some reason you do not, please follow up.
Thank you for your willingness to make the internet safer.