We always recommend using the latest version of the Phase Console to ensure you get all security updates.
Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!
Phase takes security issues very seriously. If you have any concerns about Phase or believe you have uncovered a vulnerability, please get in touch via the e-mail address [email protected]. You can see our security.txt for GPG keys and to communicate securely with us. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible.
Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly.