If you have found a security issue, please email evan [at] actionherojs.com. Do not post a Github Issue so we can properly patch the issue before disclosing publicly.