Critical security vulnerability responsible disclosure contact

[hopperelec]

@aliasaria I've identified a critical security vulnerability and I would like to disclose the details of it to you privately so nobody can take advantage of it while it is still in production. I tried to find a contact for you but the only one I could find directly linked to your GitHub account was your Twitter/X account and I seem to require X Premium to DM you there. Could you please provide a secure place for me to disclose the details to you? I would also be happy to provide the exact changes necessary to fix it.

[aliasaria]

Would you be open to issuing a fix in the form of a PR and I can merge it quickly. Thanks for reporting.

[hopperelec]

Thanks for the very quick response, and sorry for my slower one! I've now created the PR.

#182