submit bug report:https://www.codeigniter.com/CodeIgniter security research
CodeIgniter is a powerful open-source PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
CodeIgniter recognizes the important contributions that the security community currently makes and can make in the future. We want to make sure that we find any security issues in our open-source project, so we can fix them as soon as possible! If you find vulnerabilities in our framework, we’ll be glad to hear about it here on HackerOne or in our security mailbox at security@codeigniter.com.
In scope
We are interested in all (security-related) bugs in our framework. The source code of CodeIgniter can be found on GitHub at
https://github.com/bcit-ci/CodeIgniter.
Security-related bugs about our website at codeigniter.com are also welcome, but our main priority is our framework since it’s used by thousands of developers around the world who depend on it. If you decide to research our website, please do not use automated scanners and read the "out of scope" section carefully!
