Do NOT open a public issue for security vulnerabilities.
Please report security issues by emailing: security@fennectra.dev
You will receive a response within 48 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.
| Version | Supported |
|---|---|
| 1.x | Yes |
The following are in scope:
- SQL injection
- Authentication bypass
- JWT token vulnerabilities
- Encryption weaknesses
- CORS misconfiguration
- File upload vulnerabilities
- Any OWASP Top 10 issue