From Miraheze Meta, Miraheze's central coordination wiki

    While Miraheze takes the security of their servers and data very seriously, we cannot guarantee a 100% security leak free MediaWiki environment.

    Report a security flaw

    If you think you have found a flaw in/on any Miraheze site, server, MediaWiki extension or anything that is ran on a Miraheze server, please email security(at) with as many details as possible. Do not discuss the flaw publicly. Depending on the affected service, it might be necessary to email security(at) - if you are in doubt who to email, contact us; we'll forward your email to Wikimedia if needed.

    As an alternative to email, you may login or create an account on our Phabricator with MediaWiki, GitHub, or a Phabricator specific account and then proceed to open a security related task using this form which hides it from the public view and adds the Security project so our team is notified of the task.