If you identify a vulnerability in Volume for B, do not open a public issue with exploitable details.
- use GitHub private vulnerability reporting if it is available in the repository
- if it is not available, contact the project through GitHub without publishing payloads, tokens, or full exploitation steps
- a concise description of the issue
- expected impact
- browser and version used
- steps to reproduce
- minimal evidence, such as logs or screenshots
This document covers vulnerabilities in the extension, the published documentation, and the versioned build process in the repository.
For general support, usage questions, or suggestions, see SUPPORT.md.