virtuoso-opensource icon indicating copy to clipboard operation
virtuoso-opensource copied to clipboard
verified publisher icon openlink

How to get in touch regarding a security concern

Open zidingz opened this issue 4 years ago • 1 comments

Hey there!

I belong to an open source security research community, and a member (@theworstcomrade) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

zidingz avatar Oct 14 '21 15:10 zidingz

We are looking into the issue and will report back on our findings and fix ...

HughWilliams avatar Oct 15 '21 16:10 HughWilliams

Resolved by 83a4c26b858411b3355dd4fa6a75b3f455b04f9f

TallTed avatar May 12 '23 01:05 TallTed