Hacker News
by TomAnthony 1691 days ago
In 2017 I found a security issue with the Tesco website. It was a minor security issue, but I could see they had _attempted_ to stop people doing what I could do.

I did manage to find an email address, but I got a templated response, and when I checked a year later it was still not fixed.

Sure, it was a minor issue, but I was surprised Tesco didn't have a proper Vulnerability Disclosure Program or Bug Bounty program. A bug bounty program is an inexpensive way to avoid exactly this sort of issue.