If you find a (suspected) vulnerability in the code or the behavior of the application that is not very critical then create an issue on the repository with all the possible details. An issue on the GitHub repo should be created only if the vulnerability or bug is not very critical.

In case, the (suspected) Bug or Vulnerability is very critical and may leak data, then please send us an email at security@fossunited.org and the team shall get back to you within 12-24 hours. Furthermore, a resolution timeline will be shared in the same thread.

Please include the following things in your report:

1. Brief Description of the vulnerability.
2. System Details (Browser, OS, etc).
3. Steps to recreate.
4. If possible, a GIF or video demo of the process.
5. Recommendations/Suggestions to fix it (if you know any).