Due to the nature of our project - being open source - we have decided to patch only the latest major release (currently v1.x) for security vulnerabilities.
Please use our website for security issues that affect our project. If you believe you have found a vulnerability, please disclose it via our website. You can also disclose security issues by mailing [email protected].
Any submitted security issue will be checked thoroughly by our development team. A fix for the issue and a transparent information on GitHub about the issue existing will be released. You can view any previously identified issues on our GitHub Security Page. New major versions of Flarum will also receive a security audit to verify our efforts on providing a secure application.