Re: [keycloak-dev] How to report security problem

Hello, I created the security issue yesterday. https://issues.jboss.org/browse/KEYCLOAK-3692 Can only core members see the ticket? I wrote reproduce steps too. Please check the issue. Regards, -- Hiroyuki Wada On Wed, Oct 12, 2016 at 5:01 PM, Hiroyuki Wada <wadahiro(a)gmail.com&gt; wrote: > Hello Thomas, > > Thanks for your quick reply. > I'll create a jira ticket soon. > > > > On Wed, Oct 12, 2016 at 4:36 PM, Thomas Darimont > <thomas.darimont(a)googlemail.com&gt; wrote: >> Hello Hiroyuki, >> >> Just create a new issue here https://issues.jboss.org/projects/KEYCLOAK >> Mark it as Security Sensitive Issue (x) This issue is security relevant. >> >> Cheers, >> Thomas >> >> 2016-10-12 9:30 GMT+02:00 Hiroyuki Wada <wadahiro(a)gmail.com&gt;: >>> >>> Hello, >>> >>> I have security concern in Keycloak server. It might be a vulnerability. >>> Where should I report this problem? >>> >>> >>> Regards, >>> >>> -- >>> Hiroyuki Wada, >>> Developer, >>> Nomura Research Institute, Ltd. >>> _______________________________________________ >>> keycloak-dev mailing list >>> keycloak-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-dev >> >> _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev