inoERP icon indicating copy to clipboard operation
inoERP copied to clipboard

Published 20 hours ago verified publisher icon inoerp

Trying to get in touch regarding a security issue

Open JamieSlome opened this issue 3 years ago • 3 comments

Hi there,

I couldn't find a SECURITY.md in your repository and am not sure how to best contact you privately to disclose a security issue.

Can you add a SECURITY.md file with an e-mail to your repository, so that our system can send you the vulnerability details? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.

Once you've done that, you should receive an e-mail within the next hour with more info.

Thanks! (cc @huntr-helper)

JamieSlome avatar Jul 12 '21 08:07 JamieSlome

thank buddy what security issue plz tell

kumarvivekpandey avatar Aug 08 '21 12:08 kumarvivekpandey

@zidingz - bump 🤛

JamieSlome avatar Aug 08 '21 14:08 JamieSlome

Hey @kumarvivekpandey

The issue is a Cross-site Scripting (XSS) - Reflected.

In the interest of not disclosing security issues in public, would you consider adding an email to this PR? We'll then send you the details.

Happy to help if you have any questions.

zidingz avatar Aug 09 '21 10:08 zidingz

Closing this issue as the Old PHP version is not maintained anymore, and the issue is irrelevant in the new Dart/Go application.

inoerp avatar Aug 16 '22 16:08 inoerp