Only the latest released version of Send2Mealie is supported with security updates.
If you discover a security vulnerability, please report it responsibly.
- Open a public GitHub issue.
- Include:
- Extension version
- Chrome version
- Steps to reproduce
- Any relevant logs or screenshots
We will acknowledge receipt within a reasonable timeframe and work to assess and remediate the issue.
The following are considered in scope:
- Unauthorized access to user-approved sites
- Credential leakage or improper storage
- Unintended network requests
- Privilege escalation within the extension
The following are out of scope:
- Vulnerabilities in third-party websites
- Issues in the Mealie server itself
We request reasonable time to investigate and address reported issues before public disclosure.