[TASK] Mention demo project and GitHub report feature

TYPO3 · Nov 26, 2022 · b97ef20 · b97ef20
1 parent 1b5eed3
commit b97ef20
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -132,7 +132,13 @@ In general the TYPO3 core is released under the GNU General Public License versi
 incompatibilities this package is licenced under the MIT License. In case  you
 duplicate or modify source code, credits are not required but really appreciated.
 
+## Local Testing
+
+Composer project [oliverhader/html-sanitizer-demo](https://github.com/ohader/html-sanitizer-demo)
+offers a local development server to ease manual testing for potentially vulnerable XSS payloads.
+
 ## Security Contact
 
-In case of finding additional security issues in the TYPO3 project or in this package  in particular,
-please get in touch with the [TYPO3 Security Team](mailto:[email protected]).
+In case of finding additional security issues in the TYPO3 project or in this package in particular,
+please get in touch with the [TYPO3 Security Team](mailto:[email protected]), or directly
+[report a vulnerability via GitHub](https://github.com/TYPO3/html-sanitizer/security/advisories/new).