Please report (suspected) security vulnerabilities via our HackerOne VDP or to our security email. You will receive a response from us within 48 hours. We welcome all reports and act on them as quickly as we can. Even more appreciated is a Merge Request with a fix for the vulnerability!