HorizontCMS icon indicating copy to clipboard operation
HorizontCMS copied to clipboard
Published 2 months ago verified publisher icon ttimot24

How to get in touch regarding a security concern

Open JamieSlome opened this issue 3 years ago • 2 comments

Hey there!

I belong to an open source security research community, and a member (@dota-st) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

JamieSlome avatar Feb 16 '22 05:02 JamieSlome

Hi @JamieSlome!

I created a security.md file. Right now please feel free to open issue tickets about security problems, since the platform still in beta version.

Later I'll create an email where security problems can be reported. I'll keep you updated.

Thank you!

ttimot24 avatar Feb 16 '22 07:02 ttimot24

@ttimot24 - thanks for your response 👍

You can view the report directly here: https://huntr.dev/bounties/1d70e354-b8f3-41a4-98bb-7b4e9770af38/

It is private and only accessible to maintainers with repository write permissions!

JamieSlome avatar Feb 16 '22 11:02 JamieSlome