Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

What to do if you find a potential security hole


Reply


17391 Views

Avatar
Sam

Administrator, 685 Posts

10 July 2009 at 2:50pm

Edited: 09/01/2014 7:51pm

Hi everyone,

From time to time, people post to the SilverStripe forum to let us know about potential security holes. While we really appreciate this feedback, the problem with posting it to the forum is that it can give would-be hackers a nice searchable index of ways to attack older SilverStripe installations.

So, if you discover a security related issue, we definitely want to hear from you, but rather than posting it to the forum or the bug tracker, please email security@silverstripe.org. We can then assess the issue, and if necessary, release an update to SilverStripe or to the relevant module.

More information:http://doc.silverstripe.org/framework/en/trunk/misc/contributing/issues#reporting-security-issues

Thanks,
Sam