A security enhancement for OSSN #1521
Comments
|
Sent you a email from ar*@bu***.net and adm@open***.org |
|
You may contact at arsalan@buddyexpress.net or admin@opensource-socialnetwork.org |
|
Ok so..what is the issue and patch? Not exactly open source if everyone cant secure server? |
|
@djhashh download the latest build as the patch already being applied. It is not a high risk vulnerability found as said in title, so just relax. |
lianglee
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I believe I have found a high level vulnerability in OSSN enabling the takeover of user account without any target user action. Due to nature of the issue I'd like to contact your security team to discuss and present the vulnerability without it becoming exploitable. For this I'd like to either receive the contact information of your security team or that they'd contact me. My gmail address is of the format (username@gmail.com, replace username with my handle.)
The text was updated successfully, but these errors were encountered: