Please do not report security vulnerabilities through public GitHub issues.
Instead, inform the TYPO3 Security Team via their website.
In addition, you can send an email to office@fixpunkt.com with the subject line [SECURITY] fp-fileprotector.
Include as much of the following information as possible:
- Type of issue (e.g. SQL injection, XSS, privilege escalation)
- Affected version(s)
- Steps to reproduce
- Potential impact
We will acknowledge your report within two workdays and aim to provide a fix within 14 days.