The GitHub Security Lab team has found a potential vulnerability in Nuxeo. Please, let us know how to report the details privately. Alternatively , create a GitHub Security Advisory and invite me (pwntester) in to further disclose and discuss the vulnerability details and potential fix.
Kind regards, Alvaro Muñoz
GitHub Security Lab
Hi Alvaro, Could you send an email to firstname.lastname@example.org for private communication about security-related issues? Thanks. Florent