Hacker News new | ask | show | jobs
by throwawaymath 2386 days ago
It is standard in the sense that it's not uncommon. But about as frequently it's not a requirement. Many companies allow complete or partial vulnerability disclosure once resolution is complete. It's often on a case by case basis and requires approval.
1 comments
cortesoft 2386 days ago
Oh, I thought that was what you meant (until resolution).. didn't realize they block disclosure forever
link