Is it worth talking about the vulnerabilities found?

A

Andrey Ivanov2017-10-14 17:26:11

Burglary protection

Andrey Ivanov, 2017-10-14 17:26:11

Hello, it turned out that for the last year I worked as a freelancer (website development and design), but recently there was a need for a permanent job, I found a suitable vacancy related to editing and promoting one portal in my area. I decided to check its vulnerabilities (the portal is written on a self-written engine). I found a couple of vulnerabilities with which you can access some of the site's functions. Should I talk about it in an interview? (The job is not related to security, but the vacancy is very tempting, which is why I got down to business) How legal are my actions? I'm not from the Russian Federation, but the legal ones are similar.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

Nikita, 2017-10-14
@Itkaz

Of course it's worth it. Actions do not formally look like legal ones, but no one will contact you if you have not broken anything.
With your inclinations, you need to be in resonance with the employer, so it's worth talking and seeing the reaction. If you are sent, then it will be inadequate, and you do not need to work with inadequate ones.

P

Puma Thailand, 2017-10-14
@opium

It depends on which company I always tell