If you find a vulnerability of any kind, please keep it in private and do not open a public issue.
To report it, send an email to info@aporia.com or one of the maintainers of the project.
The email should contain an explanation of the problem, how to reproduce it and (if applicable) a possible solution/patch.
Expect an answer within approximately 3 days.