Trying to get in touch regarding a security issue #274
Comments
|
Hey @francoisjacquet, I just submitted an issue through Gitlab, but I couldn't find the option to make the issue private on the submit issue page, and I assumed perhaps it was the default for your repo. Unfortunately, I believe the issue was posted publicly, despite my closing it soon after. There are 7 other potential issues we'd like to responsibly disclose to you. Would you kindly advise how to report something private on Gitlab, or provide another means of contact? Thank you. |
|
Hello @zidingz Thank you for posting the issue at GitLab. In case you do not have access to these settings when creating an issue through GitLab, you can send the other security issues to the email address you will find at https://www.rosariosis.org/ |
|
Really appreciate your assistance. We'll use the email found on your website. Thank you! |
|
@francoisjacquet - we have received more reports against this repository. You can view all of them directly here: https://huntr.dev/bounties/0b830121-7e99-4f26-a767-d0d2903939f5/ Let me know if you have any questions 👍 |
Hi there,
I couldn't find a
SECURITY.mdin your repository and am not sure how to best contact you privately to disclose a security issue.Can you add a
SECURITY.mdfile with an e-mail to your repository, so that our system can send you the vulnerability details? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.Once you've done that, you should receive an e-mail within the next hour with more info.
Thanks! (cc @huntr-helper)
The text was updated successfully, but these errors were encountered: