Where Can I Report Security Vulnerability?

[orangetw]

HI, I found a vulnerability and followed the steps, and sent mail to people on this page.

But seems one of these mail addresses are not exists and there are no reply for 3 days.

Could you check the mail box? Thanks!

[tipsy]

I can't find the email, but I've messaged @perwendel.

[orangetw]

Your mail on contact page seems wrong, gmail replied me “The email account that you tried to reach does not exist.“ David <[email protected]>於 2018年2月25日 週日，下午5:34寫道：

I can't find the email, but I've messaged @perwendel <https://github.com/perwendel>. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#981 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ADoRdnxRj7RDzZYoiGXEALtpThYsMbc8ks5tYRsbgaJpZM4SSLJ4> .

-- - Orange -

[tipsy]

That would explain it... Should be [email protected].

[orangetw]

OK, I forwarded to [email protected] David <[email protected]>於 2018年2月25日 週日，下午5:43寫道：

That would explain it... Should be ***@***.*** — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#981 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ADoRdmowKufvjhKWqJJSlh1UIVh1FKc9ks5tYR01gaJpZM4SSLJ4> .

-- - Orange -

[perwendel]

I've released the mail. I'm on a long weekend vacation and will have a look tomorrow!

[perwendel]

*received

[perwendel]

I've checked the issue. We will create a fix ASAP. Thanks for finding and reporting!

[perwendel]

Fixed! Thanks for reporting and investigating @orangetw