Well, it's really disappointing and unprofessional to come to this...
Two months ago (2019-05-28) I disclosed two privilege escalation vulnerabilities to email@example.com (and eventually also to firstname.lastname@example.org and email@example.com), I obtained no useful replies or actions so I'm trying to reach a wider audience by opening an issue here (and no, I won't join the forum).
As today the two vulnerabilities are still undisclosed as I fairly believe that a responsible disclosure approach is the right way to go. Yet we're pushing the boundaries here and I don't think the maintainers are being respectful of the userbase.
So this is my last attempt to get these issues fixed, after that I will disclose them anyway, fixed or not. Users having write access to this repo can reach me privately for details, it's even better if they reply to the original message sent to the above @vestacp.com addresses, provided that they're allowed to do that.
The text was updated successfully, but these errors were encountered: