How to report a SonarQube security vulnerability?

I found a security vulnerability in the latest version of SonarQube. What is the process for reporting it, so it can be fixed prior to public disclosure.

Hi,

Welcome to the community & thanks for asking!

I think this is what you’re looking for:

 
Ann