[GH-ISSUE #934] Who to contact for security issues #579

Closed
opened 2026-03-01 14:44:42 +03:00 by kerem · 3 comments

Originally created by @JamieSlome on GitHub (Feb 23, 2022).
Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/934

Hey there!

I belong to an open source security research community, and a member (@noobexploiterhuntrdev) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a `SECURITY.md` file with an email, or another contact method? GitHub [recommends](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository) this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)


@pirate commented on GitHub (Mar 13, 2022):

email: `<REDACTED>` (use [this page](https://github.com/ArchiveBox/ArchiveBox/security) instead now) or twitter DM `@ArchiveBoxApp`


@JamieSlome commented on GitHub (Mar 13, 2022):

@pirate - thanks for sharing this 👍

I will get an e-mail over to you shortly. In the meantime, you can view the reports directly here:
https://huntr.dev/bounties/a640b898-4350-4289-84e9-8dc3f5f15e48/
https://huntr.dev/bounties/104c4e7f-6301-46f1-94e2-aa8aba0a07fe/

They are both private and only accessible to maintainers with repository write permissions. If you have any questions, let me know.


@pirate commented on GitHub (Jan 19, 2024):

For anyone who sees this in the future, security reports are now handled through github: https://github.com/ArchiveBox/ArchiveBox/security
