Have you seen a vulnerability in a Joomla extension being reported elsewhere, but it is not listed on the VEL?
If so, please report it to the VEL using our reporting form here: https://vel.joomla.org/submit-vel . It only takes a couple of minutes and it gives us an opportunity to investigate. While we do actively monitor other sites we cannot read the entire internet on a daily basis and it really helps if others take the time to do this.
Things not to do:-
- ignore it
- post it to boost your ego on Twitter, but do nothing to report it to the VEL
Remember that you are doing a service to the entire Joomla community in ensuring that accurate information is conveyed to users about extension vulnerabilities.