|
|
|
|
|
|
by dacort
5567 days ago
|
|
|
As a former web application security guy, and now developer, identifying and disclosing vulnerabilities on websites is still very much a troubled area. Most companies don't have proper security@ email addresses set up or monitored, and still don't take kindly to vulns being reported. That said, publicly disclosing a flaw in addition to defacing the website, even temporarily, is certainly not a classy way to go about it. |
|
|