If you discover a security vulnerability in Horizon, please do not open a public issue. Instead, please report it privately by email: thysrael@gmail.com
Please include:
- A clear description of the issue
- Steps to reproduce the problem
- The affected version, commit, or environment
- Any proof-of-concept, screenshots, or logs that may help
I will try to:
- Acknowledge receipt within 7 days
- Investigate and validate the report
- Work on a fix and coordinate responsible disclosure when appropriate
Security updates are provided for the latest maintained version of Horizon.
Please avoid public disclosure until I have had a reasonable opportunity to investigate and release a fix.