report bug

ayoub nait lamine ayoub.naitlamine1 at
Thu Mar 27 13:56:13 EDT 2014

2014-03-25 16:15 GMT+00:00 ayoub nait lamine <ayoub.naitlamine1 at>:

> 2014-03-25 16:04 GMT+00:00 Ethan Blanton <elb at>:
> ayoub nait lamine spake unto us the following wisdom:
>> > Hello, I am a researcher of security, wanted to reveal a security
>> > vulnerability responsibility, which is found in the website of your.
>> Below
>> > is a snapshot.
>> We are going to have trouble fixing, or even identifying, this problem
>> from just a screen shot.  Can you tell us how you achieved it?  I
>> assume the problem is that you were able to enter a snippet of
>> Javascript as an email address, and it was executed in your browser?
>> > I want to be rewarded or put my name on the list of special ethical
>> hacker
>> > your website
>> You probably want to report this vulnerability to the Trac project
>> ( for this.  We did not write and do not maintain
>> trac, we simply use it on  While there is no such
>> list per se, there are public vulnerability disclosures, and they
>> normally include the discoverer of a vulnerability.  However, it is
>> not our place to disclose vulnerabilities in trac, as trac will want
>> to coordinate the disclosure with many users and packagers of their
>> system, not just Pidgin.
>> Ethan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the security mailing list