Please contact us at security@photoprism.app when you've discovered a potential security issue.
At a minimum, your report should include the following:
- Version and architecture
- Vulnerability description
- Reproduction steps
We will then try to reproduce the problem, determine the impact and get back to you as soon as possible.
Avoid activities that disrupt, degrade, or interrupt our services or compromise other users' data, such as spam, brute force attacks, denial of service attacks, and malicious file distribution.
You are welcome to also report vulnerabilities in third-party applications that we may not be able to fix directly.
- Confirm that the vulnerability applies to a current version
- First share the vulnerability details with us
- Wait for resolution before sharing details
Thank you! π