At Truesec, we take the security of our software products and services very seriously. This includes all code repositories and solutions managed by Truesec.

We are committed to ensuring that any security vulnerabilities are addressed promptly and responsibly. If you discover a potential security issue in any Truesec-owned repository or product, we encourage you to report it to us through our coordinated disclosure process.

If you believe you have identified a security vulnerability in a Truesec repository or product, please do not report it via public channels.

Instead, report the issue by sending an email to: report-security[@]truesec.com

Please include as much of the following information as possible to help us understand and resolve the issue efficiently:

• The type of issue (e.g., buffer overflow, SQL injection, cross-site scripting)
• Full paths of source file(s) related to the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if available)
• The potential impact of the issue, including how it might be exploited

This information will assist us triage and address your report as quickly as possible.

Thank you for helping us keep Truesec and our community secure.