Hi — I found a security issue (cross-tenant access control) in abby that I'd like to report privately, not in a public issue.
Your repo doesn't have a SECURITY.md and private vulnerability reporting (GitHub Security Advisories) doesn't appear to be enabled. Could you either enable private advisories, or share a security contact email so I can send the details responsibly?
Thanks.
Hi — I found a security issue (cross-tenant access control) in abby that I'd like to report privately, not in a public issue.
Your repo doesn't have a SECURITY.md and private vulnerability reporting (GitHub Security Advisories) doesn't appear to be enabled. Could you either enable private advisories, or share a security contact email so I can send the details responsibly?
Thanks.