| Version | Supported |
|---|---|
| >= 1.13.x | ✅ |
| < 1.13.0 | ❌ |
We appreciate anyone's effort to report vulnerabilities found in Formwork. Be responsible about disclosing the vulnerability
You can draft a security advisory with an explaination of the security issue you found and we'll work together to resolve it.
If you prefer you can still contact security@getformwork.org
Warning
Remember that not informing about the vulnerability or publicly disclosing details about the vulnerability even on our Discord channels, or without us knowing, which is even worse, exposes Formwork users to unnecessary additional risk.
Important
Please do NOT use third party security reporting services, or authorities like MITRE to get CVE IDs, we like to keep everything at GitHub for better manageability. We'll request a CVE ID for confirmed vulnerabilities.