[WEB SECURITY] Reporting a security vulnerability

["Moody Shensky" <moodyshensky@xxxxxxxxx>]

------=_Part_5525_12263124.1205782055773
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi All,

For security researchers who work independently, how does the process of
reporting newly discovered vulnerabilities (known issues like XSS, SQLi etc.
but in new libraries) actually work? Is there a document/guideline that I
can look at as a starting point? I have read about full-disclosure (RFP)
policy and others but for web application security issue, is there a special
way of doing this?

I am looking for some advice and a starting point in this matter.

Thanks in advance!


- m00dy -

------=_Part_5525_12263124.1205782055773
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi All, <br><br>For security researchers who work independently, how does the process of reporting newly discovered vulnerabilities (known issues like XSS, SQLi etc. but in new libraries) actually work? Is there a document/guideline that I can look at as a starting point? I have read about full-disclosure (RFP) policy and others but for web application security issue, is there a special way of doing this? <br>
<br>I am looking for some advice and a starting point in this matter.<br><br>Thanks in advance!<br><br><br>- m00dy -<br>

------=_Part_5525_12263124.1205782055773--