Comment to 'Is the UNA Staff out on a prolonged holiday break?'

Comment to Is the UNA Staff out on a prolonged holiday break?

· EgiX

· 26 Mar 2025
@LoneTreeLeaf if the answer to your question is YES, then you all might be at serious risk! That's because I tried to reach out to the UNA Staff three hours ago, and it's about a critical security vulnerability I discovered today within the UNA platform. Given the critical nature of this issue, I hope they will promptly react to the matter... BTW, do you think I should open a new "Discussion" about that?
- · LoneTreeLeaf
  
  · In reply to
  
  EgiX
  
  · 27 Mar 2025
  If it's a security hole, you might wanna submit an issue on their GIT repo.
  https://github.com/unacms/una/issues
- · EgiX
  
  · In reply to
  
  LoneTreeLeaf
  
  · 27 Mar 2025
  I don't think that's the right way for reporting security holes, otherwise the bug details might become publicly visible to anyone before a patch will be available, leading to 0-day exploitation.
  Anyway, I've already shared the bug details with @Andrey Yasko via email.