If you believe you have identified a security issue with switchboard, do not open a public issue. To responsibly report a security issue, please email [email protected]. A security team member will contact you acknowledging the report and how to continue.
Be sure to include as much detail as necessary in your report. If you are able, you may also include a fix for the issue generated with git format-patch.
After fixing an issue, we will make a security release along with an announcement. We may obtain a CVE id as well. You may include a name and link if you would like to be credited for the report.