|
|
|
|
|
|
by nedt
120 days ago
|
|
|
It's not only about pressure, but also telling all the people whose data can be read AKA the public. And still it's also about the pressure. I was found a pretty bad injections/XSS in an online banking website. Told them, got no response. After waiting blogged about it (without specifying what he actual issue is). Then someone contacted me and said I need to take down the wrong information. Send back a PoC and only then they started fixing it. In the meanwhile every customer could have gotten emails stealing their login data. |
|
|