Please DO NOT report security vulnerabilities using a public GitHub issue. If you believe you've found a security issue, please contact us through one of the following methods:

• Using GitHub security advisories: https://github.com/saleor/<repository-name>/security/advisories (replace <repository-name>)
• Alternatively, through our mailing list: [email protected]

We do not currently have a bounty program in place, so we cannot offer monetary rewards for any reported problems.

Whichever method you choose, you will be credited as the reporter once the announcement is published.