If you think or suspect that you have discovered a new security vulnerability in this project, please do not disclose it on GitHub, e.g. in an issue, a PR, or a discussion. Any such disclosure will be removed/deleted on sight, to promote orderly disclosure, as per the Eclipse Foundation Vulnerability Reporting Policy.
We recommend that in case of suspected vulnerabilities you do not use the EMF.cloud Coffee Editor IDE public issue tracker, but instead contact the Eclipse Security Team directly via security@eclipse.org. Make sure to provide a concise description of the issue, a CWE, and other supporting information.