
Trying to get in touch regarding a security issue

Open JamieSlome opened this issue 4 years ago • 4 comments

Hi there,

I couldn't find a SECURITY.md in your repository and am not sure how to best contact you privately to disclose a security issue.

Can you add a SECURITY.md file with an e-mail to your repository, so that our system can send you the vulnerability details? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.

Once you've done that, you should receive an e-mail within the next hour with more info.

Thanks! (cc @huntr-helper)

JamieSlome, Jul 10 '21 00:07

Hi Jamie, thanks a lot, but this project has been End of Life for around 6 years; not sure how to deal with this issue. You can reach me by using my GitHub name @web.de! See you, Jamie

panique, Jul 12 '21 21:07

Hi Jamie, I have built a massive project starting with Huge at its core and working outwards. I'm fairly confident that what I have ended up with is secure, but never say never, and just the hint of a problem has me worried. Personally, if there is no way to publicise the issue in private, I would rather you just go ahead and post it on here... but that's just my opinion.

losttheplot, Jul 12 '21 21:07

https://github.com/panique/huge/pull/896 - please refer to.

JamieSlome, Jul 13 '21 10:07

@panique - alternatively, you can view the advisory here. It is only accessible to you and the researcher.

https://huntr.dev/bounties/1625876449495-panique/huge/

JamieSlome, Jul 13 '21 10:07