I identified potential security vulnerabilities in product.
I am committed to working with you to help resolve these issues. In this report you will find everything you need to effectively coordinate a resolution of these issues.
If at any point you have concerns or questions about this process, please do not hesitate to reach out to me at [email].
If you are NOT the correct point of contact for this report, please let me know!
Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server.
[version]
Give all details on the vulnerability.
Complete instructions, including specific configuration details, to reproduce the vulnerability
Propose a remediation suggestion if you have one. Make it clear that this is just a suggestion, as the maintainer might have a better idea to fix the issue.
List all researchers who contributed to this disclosure. If you found the vulnerability with a specific tool, you can also credit this tool.