At least you’re reporting legit vulnerabilities. Meanwhile I’m over here swarmed by “vulnerability reports” about SPF for a fukken subdomain that never gets used for email, and has it configured correctly already 😑
I have reported a few vulnerabilities in the last years, but sometimes it is hard to judge whether or not it is a real vulnerability or just a minor bug.
But I’d rather report one bug too much than keep silent about it.
At least you’re reporting legit vulnerabilities. Meanwhile I’m over here swarmed by “vulnerability reports” about SPF for a fukken subdomain that never gets used for email, and has it configured correctly already 😑
You should look up Beg Bounties by the guy that does haveibeenpwned
Edit: here it is for others to see
https://www.troyhunt.com/beg-bounties/
I’ve not heard of it, I’ll check it out!
I have reported a few vulnerabilities in the last years, but sometimes it is hard to judge whether or not it is a real vulnerability or just a minor bug.
But I’d rather report one bug too much than keep silent about it.