If you believe you have discovered a vulnerability in ColdFront, please let us know. You can notify the ColdFront team by email at ccr-cfsec@buffalo.edu.
We disclose vulnerabilities found in ColdFront through notifications on our community channels. We encourage all users to monitor new releases of ColdFront for security information. Security patches are applied to the latest release.