Answer the question
In order to leave comments, you need to log in
Found a vulnerability?
In general, I found a vulnerability on a large site that allows you to find out the to do list of each department (it is compiled by the employer)
Well, for example, in city A there is a department of this company (which has a vulnerability on the site) and I can see what tasks the employer gave to a certain department, for example, programmers or designers
Well, for example, you can find out that the design department was instructed to come up with a new style of caps, etc.
It seems like the information is confidential, but not so much
So, what will happen to me if this company sues me
PS see to do sheet I can only for the whole department, not for an individual
Answer the question
In order to leave comments, you need to log in
If a vulnerability is discovered by accident, nothing will happen to you for it, it's another matter when you intentionally use it.
Check if this project has a vulnerability bounty program.
If it is not there, then it is illegal to use it on your own. But if the site is large, then you can try to sell.
Just kill it. You want the best, but you get a deadline. Just forget you found something. If they do not have bug bounty programs, and you are not sure that you will be kissed for the vulnerability, then forget everything you saw. Benefits of notification? none. Minuses? Prison term.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question