Please do not report security vulnerabilities as a public GitHub issue.
Instead, send an email to: roknix87@gmail.com
Include:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
I will respond as soon as possible and work on a fix. Once resolved, the issue will be disclosed publicly.
Only the latest release is actively maintained.
This is a self-hosted application. Security responsibility is shared:
- This project covers the application code (XSS, CSRF, SQL injection, auth)
- You (the operator) are responsible for your server configuration, HTTPS setup, and keeping PHP/MySQL up to date