Vulnerabilities should be reported to this email address as soon as they are discovered.

In the event that your vulnerability is recognized and accepted you will recieve confirmation when the issue has been acknowledged and when a fix has been implemented.