Please do not create a public issue for the vulnerablility. Contact us using email instead.
Make sure to label your report and include the following:
- Type of issue
- Detailed instructions on how to reproduce the issue
- Proof of concept
- Possible impact of the issue
You are allowed to make the vulnerability public once you receive our clearance, and you will be credited in the fix.