@n33dle and I found a security vulnerability within the bonita-studio project. We were hoping to get a core maintainer's contact details to responsibly disclose this vulnerability.
I’m closing this issue. If you need to report a security issue please use the email address mentioned in the above comments, for other types of issues please report them as a new Jira issue. Thanks.