If you find a security vulnerability in my systems or projects, I appreciate it and want to make this process as easy as possible for you.
How to Report
Send an email to security@vidgrosek.si with the following information:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any proof of concept (without exploitation)
What to Expect
- Acknowledgment within 48 hours
- Regular updates on progress
- Credit in the fix announcement (if you want)
Rules
- Don't exploit vulnerabilities to access data that isn't yours
- Don't perform attacks that could harm service availability
- Report the vulnerability only to me, not publicly, until it's fixed