Security is the number one priority for cert-manager. If you think you've found a vulnerability in the cert-manager website, or in any cert-manager project, please follow the vulnerability reporting process documented in the main cert-manager repository.