Responsible disclosure @ Lucee?!


Hi there,
I have some issues with the Lucee admin security, and want to report a security issue/bug about it. I can’t find any information on how to report a security issue to Lucee responsibly.
Off course there is Jira, but it unfortunately always shows the issues online.

So, my question is: how to do responsible disclosure to Lucee?

And, my suggestion is: put the answer on your website as well :wink:

Thanks, kind regards,

Paul Klinkenberg


You should be able to email and the correspondence will be escalated to the relevant parties internally at LAS. Alternately, you could try private messaging Patrick the Product Manager at @IamSigmund


Thanks Geoff. I mailed him now :slight_smile: