Important! In case you found vulnerability or security issue in one of the libraries we use or somewhere else in the code, please contact us via e-mail at email@example.com. Please do not use this channel for support.
What is vulnerability?¶
Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. The vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat. - by techopedia
In case you found a vulnerability¶
In case you found vulnerability or security issue in one of the libraries we use or somewhere else in the code, please do not publish it, instead, contact us via e-mail at firstname.lastname@example.org. We will take the necessary steps to fix the issue. We are handling the vulnerabilities privately.
To make report processing easier, please consider the following:
Use clear and expressive subject
Have a short, clear, and direct description including the details
Include OWASP link, CVE references or links to other public advisories and standards
Add steps on how to reproduce the issue
Describe your environment
Attach screenshots if applicable
This article is a pretty good resource on how to report vulnerabilities.
In case you have any further questions regarding vulnerability reporting, feel free to open an issue on GitHub.