When submitting a security issue, always include: Summary, Impact, and Reproduction steps that are as clear as possible.
-
To report a security issue on public repos, please use https://hackerone.com/netlify?type=team.
- The Netlify Security Team will respond as soon as possible.
- Any coordination and disclosure will be done using the Hackerone UI in order to privately discuss and fix the issue.
-
To report a security issue on a private repo, please open the issue with the label
security, and the Netlify Security Team will triage and perform an initial risk assessment.