Your efforts to responsibly disclose your findings are appreciated.
** Please do not report security vulnerabilities through public GitHub issues. **
If you believe you have found a security vulnerability, then please report it to [email protected] so your findings can be investigated, and if confirmed, fixed and released in a timely manner.
Your report should include:
- Mailpit version
- A vulnerability description
- Reproduction steps (if applicable)
- Any other details you think are likely to be important
You should receive an initial acknowledgement within 24 hours in most cases, and will kept updated throughout the process.
With your consent, your contributions will be publicly acknowledged.