Please note that this repo is purely for demonstration purposes, and is provided "as-is".
This repo leverages GitHub's private vulnerability reporting. To learn more about this feature and how to submit a vulnerability report, review GitHub's documentation on private reporting.
Here are some helpful details to include in your report:
- a detailed description of the issue
- the steps required to reproduce the issue
- versions of the project that may be affected by the issue
- if known, any mitigations for the issue
Given the demo nature of this project, we do not make any commitments to the timeframe within which reports will receive a response.
If you've been unable to successfully draft a vulnerability report via GitHub or have other concerns about the security of this demo repo, please reach out via the Cisco Open security contact email.
Maintainers may choose to act on a disclosure report, but given the "as-is" nature of this demo project, no commitments are made.
If you have suggestions on how this process could be improved please submit an issue or pull request.