How do i report security bugs in Pimcore?

I cant seem to find a contact mail for disclosure and probably it is not a good idea to create a github issue for it … also only affects v4 in special conditions

https://pimcorehq.wufoo.com/forms/pimcore-security-report/

thx … would be a good idea to link this on pimcore website

it is on github: github.com/pimcore/pimcore