SPDX-License-Identifier: AGPL-3.0-or-later

Please report security issues privately rather than opening a public issue:

• Email contact@etherpad.org, or
• Use GitHub's private vulnerability reporting (the Report a vulnerability button on the repository's Security tab).

We'll acknowledge your report and keep you posted on the fix.