This repository follows the HAX security policy (source of truth for haxtheweb/*):
https://github.com/haxtheweb/issues/security/policy
To report a vulnerability, submit a private advisory: https://github.com/haxtheweb/issues/security/advisories/new
If you need to discuss first, contact the core team:
- Discord: https://discord.gg/qGBZMBnHc
- Email: hax@psu.edu
Please do not open public issues for unpatched security vulnerabilities.