If you have found a vulnerability, please DO NOT file a public issue. Please send us your report privately either via:

• SecureDrop's public bug bounty program managed by Bugcrowd
• Email to security@freedom.press (Optionally GPG-encrypted to 734F6E707434ECA6C007E1AE82BD6C9616DABB79)