Please report (suspected) security vulnerabilities to [email protected]. Please, be patient while we analyse the issue, it might take a few days. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.
Be sure to include the following information on the e-mail:
- Type of vulnerability (XSS, Injection, CSRF, etc.);
- Brief description of the vulnerability;
- Possible impacts;
- CVSS Risk Score;
- Steps used to reproduce the exploitation;
- Evidences (only .jpg and .png will be accepted);
- (Optional) Any possible solution to the issue identified.
We apreciate your help on contributing to our Security and we expect you to comply with all applicable laws.