I would appreciate your efforts to disclose your findings.
** Please do NOT report security vulnerabilities through public GitHub issues. **
If you believe you have found a security vulnerability, then please report it to ityetti@gmail.com so your findings can be investigated, and if confirmed, fixed and released in a timely manner.