If you discover a security vulnerability, please report it through a GitLab's issue and make sure to tick checkbox Turn on confidentiality: Limit visibility to project members with at least the Planner role..