We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.

Please use the GitHub Security Advisory "Report a Vulnerability" tab to report a security issue. Please do not report security vulnerabilities through public issues, discussions, or change requests.

The team will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and may ask for additional information or guidance.

Report security bugs in third-party plugins/applications to the team maintaining the application.