Please send a detailed mail to [email protected] to report vulnerabilities.

Even when unsure whether the bug in question is an exploitable vulnerability, it is recommended to send the report to [email protected] (and obviously not to discuss the issue anywhere else).