If there are any vulnerabilities in Z-Shell ZI Organization repositories, don't hesitate to report them.
- Use any of the private contact addresses.
- Describe the vulnerability.
- If you have a fix, that is most welcome -- please attach or summarize it in your message!
- We will evaluate the vulnerability and, if necessary, release a fix or mitigating steps to address it. We will contact you to let you know the outcome, and will credit you in the report.
- Please do not disclose the vulnerability publicly until a fix is released!
- Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.