We currently provide security updates for the latest major version of QuillPHP.

Security is a high priority for QuillPHP. If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible.

Please do not report security vulnerabilities through public GitHub issues.

Instead, please report them by sending an email to: hello@quillphp.com.

• Type of issue (e.g. buffer overflow, SQL injection, XSS, etc.)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit the issue

We will acknowledge receipt of your vulnerability report as soon as possible and send you regular updates about our progress. Once the issue is resolved and a release is published, we will publicly acknowledge your responsible disclosure, if you wish.