report bug

ayoub nait lamine ayoub.naitlamine1 at
Tue Mar 25 12:15:47 EDT 2014

2014-03-25 16:04 GMT+00:00 Ethan Blanton <elb at>:

> ayoub nait lamine spake unto us the following wisdom:
> > Hello, I am a researcher of security, wanted to reveal a security
> > vulnerability responsibility, which is found in the website of your.
> Below
> > is a snapshot.
> We are going to have trouble fixing, or even identifying, this problem
> from just a screen shot.  Can you tell us how you achieved it?  I
> assume the problem is that you were able to enter a snippet of
> Javascript as an email address, and it was executed in your browser?
> > I want to be rewarded or put my name on the list of special ethical
> hacker
> > your website
> You probably want to report this vulnerability to the Trac project
> ( for this.  We did not write and do not maintain
> trac, we simply use it on  While there is no such
> list per se, there are public vulnerability disclosures, and they
> normally include the discoverer of a vulnerability.  However, it is
> not our place to disclose vulnerabilities in trac, as trac will want
> to coordinate the disclosure with many users and packagers of their
> system, not just Pidgin.
> Ethan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xss in
Type: video/mp4
Size: 1010388 bytes
Desc: not available
URL: <>

More information about the security mailing list