While sending a security vulnerability to "cve@forums.swift.org", I found the below bounce back reply.
We're sorry, but your email message to ["cve@forums.swift.org"] (titled REDACTED) didn't work.
Your reply was sent from an unknown email address. Try sending from another email address, or contact a staff member.
So, was my email sent or is there any other way to contact the SWIFT security team?
Thanks!
Did you find a security vulnerability in Discord? Or in the web server hosting this Discord instance?
Its in the " swift-corelibs-foundation" source. Is there way I can send it again to some other email ID?
Apple accepts security vulnerability reports via the avenues outlined here. It appears the preferred report mechanism is the web portal, though reports are also accepted to the email product-security@apple.com. You could try those since the "cve@" email does not appear to be working.
cc @mishal_shah would you be the right person to ping about this email (apparently) no longer accepting reports? It's still listed as current on the Swift.org security page.
Thanks Mishal, I have sent it again.
Looks like it was rejected again (Email::Receiver::UserNotFoundError)
Are you able to send message using this link? CVE Message
Thanks! Sorry for the extra work.
I have sent the vulnerability details using the above link.
Thank you!