Have you seen a vulnerability in a Joomla extension being reported elsewhere, but it is not listed on the VEL?

If so, please report it to the VEL using our reporting form here: https://vel.joomla.org/submit-vel . It only takes a couple of minutes and it gives us an opportunity to investigate. While we do actively monitor other sites we cannot read the entire internet on a daily basis and it really helps if others take the time to do this.

Things not to do:-

  • ignore it
  • post it to boost your ego on Twitter, but do nothing to report it to the VEL

Remember that you are doing a service to the entire Joomla community in ensuring that accurate information is conveyed to users about extension vulnerabilities.