|
|
|
|
|
|
by akerl_
924 days ago
|
|
|
The normal way for the average company is basically what you're experiencing. Eventually you'll either get lucky and get a useful response, give up, or publish the vuln to the public. In medium/large tech companies, you'll often have a security@ or a bug bounty program or some other clear way to report a vuln, but without naming the company there's not much we can do to guess how to contact them. |
|
|