Please report (suspected) security vulnerabilities to security@fun-mooc.fr, explaining how we can reproduce the issue. We will investigate and come back to you. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.