I've found some vulnerabilities on your website
Ethan Blanton
elb at pidgin.im
Thu Dec 28 10:38:27 EST 2017
Eric Head wrote:
> I've found some vulnerabilities on your website and I'd like to know if
> this is the proper channel to report them.
This is the proper channel.
Note that if you're using automated software that discovered things
like the following, it's not going to enhance your reputation as a
"prominent security researcher":
* Non-blocking of external frames
* Directories with auto-indexing enabled
* Visible .htaccess files that contain no sensitive information
Ethan
More information about the security
mailing list