Roundcube Community Forum

SVN Releases => Issues & Bugs => Topic started by: serpentskiss on March 13, 2018, 12:24:12 PM

Title: How to report exploits
Post by: serpentskiss on March 13, 2018, 12:24:12 PM

As per the title, how to report current exploits? Where can I send details on how it's being done (captured via a WAF) without exposing them publicly?

RC 1.3.3
PHP 5.6.32

Title: Re: How to report exploits
Post by: alec on March 13, 2018, 03:44:45 PM

You can send an email to one of Roundcube authors. You can find addresses in Roundcube source code, e.g. index.php file. You can find PGP keys on public key servers, if you want to use encryption.