If you discover a security vulnerability in this project, please do not open a public GitHub issue.
Report it privately to the VTEX security team:
Email: security@vtex.com
Please include:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any relevant logs, screenshots, or proof-of-concept code
We will acknowledge receipt within 5 business days and aim to resolve critical issues within 30 days.
Only the latest published version of this app is actively supported with security fixes.
This policy covers the source code in this repository. Runtime infrastructure operated by VTEX is outside this scope and should be reported via the same email.