Hacker News new | ask | show | jobs
by TheDong 2132 days ago
It's not you that hurt the users, it's the company for not being able to competently route, schedule, and fix their issue.

The reporter is only to blame if they actively exploit the vulnerability in order to harm users, not if they publish it publicly, with or without advanced notice to the company.
1 comments
vlovich123 2132 days ago
Or the bug fix can be hard to implement, test, and release in 3 months. I’m not saying it’s the majority of bugs but these could qualify
link