If you discover a security vulnerability, please email [email protected] instead of opening a public issue. We'll review and fix responsibly.
- Authentication/authorization issues
- Data exposure or leaks
- Cross-site scripting (XSS)
- SQL injection
- Remote code execution
- CSRF vulnerabilities
- Any other security-related issues
- Issues that require physical access
- Social engineering attacks
- Denial of service (DoS) attacks
- Spam or content issues
- Issues in outdated/unsupported versions
- We'll work with you to fix the issue before public disclosure
- We'll credit you (if you want) when we announce the fix
- We'll coordinate disclosure timing with you
Thanks for helping keep our projects secure! 🙏 Made with ❤️ (and a healthy dose of chaos) by the Ooops team