If you have found a vulnerability, please DO NOT file a public issue. Please send us your report privately either via:
- SecureDrop's public bug bounty program managed by Bugcrowd
- Email to security@freedom.press (Optionally GPG-encrypted to 734F6E707434ECA6C007E1AE82BD6C9616DABB79