Please do not file GitHub issues for security vulnerabilities as they are public.
If you believe you have uncovered a vulnerability in ActiveWorkflow, we suggest that you get in touch via the e-mail address info@automaticmode.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. Please note that this should be used only for undisclosed vulnerabilities.