The project team and community take the security of this project seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
We are committed to providing security updates for the latest stable version of the userscript.
| Version | Supported |
|---|---|
| 3.x.x | ✅ |
| < 3.0.0 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them privately. This project has enabled GitHub's private vulnerability reporting feature, which allows us to assess the vulnerability and work on a fix before it is publicly disclosed.
You can submit a report by going to the "Security" tab of the repository and clicking on "Report a vulnerability".
When reporting a vulnerability, please provide the following information:
- A clear and concise description of the vulnerability.
- Steps to reproduce the vulnerability.
- The version of the userscript affected.
- Your environment details (Browser, Userscript Manager, etc.).
We will do our best to respond to your report within 48 hours and will keep you informed of our progress. We will publicly acknowledge your contribution once the vulnerability has been patched.