François Renaud-Philippon disclosed the vulnerability to Pi-hole LLC on February 10, 2020.
Pi-hole LLC acknowledged receiving the report on February 10, 2020.
Pi-hole LLC fixed the vulnerability with the release of Pi-hole Web interface 4.3.3 on February 18, 2020.
Pi-hole LLC authorized public disclosure on February 19, 2020.