Skip to content

Clarify whether GitHub vulnerability reporting or email to security@ is preferred for security bug reports #16323

New issue
New issue
Closed
#16332
Closed
Clarify whether GitHub vulnerability reporting or email to security@ is preferred for security bug reports#16323
#16332
Assignees
dewi-tik
Labels
documentationImprovements or additions to documentation
@strugee

Description

@strugee
strugee
opened on Aug 22, 2025

https://docs.goauthentik.io/docs/security/policy/#reporting-a-vulnerability instructs researchers to report security issues by email. But, https://docs.goauthentik.io/docs/security/policy/#disclosure-process references GitHub, and indeed GitHub's private vulnerability reporting feature is available on this repository.

Provide the URL or link to the exact page in the documentation to which you are referring.

https://docs.goauthentik.io/docs/security/policy/

Describe the solution you'd like

Clarify which is preferred, GitHub or email (or that both are fine).

Additional context

None

Metadata

Metadata

Assignees

Labels

documentationImprovements or additions to documentation

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions