[OWASP-Bangalore] Why full/public disclosure of WebAppSec hack/vulnerability !

Raxit Sheth raxitsheth2000 at gmail.com
Thu Jun 25 12:07:13 EDT 2009

Hi Guys

On this sunday(21st jun 2k9), found few critical personal data open on
Outlook Money website  which i twitted After it has been fixed etc.. [i.e.
first it is fixed and then i twitted !!! just to avoid any confusion.]

Now i just wanted to know why to put disclosure or bring this to public
(After it has been fixed !) ?  [if they are not fixing and to force them to
fix, doing public disclsure is fine ...But once they have done the fix...
Should one ?]

Open for thoughts !

-Raxit Sheth
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090625/1e01c402/attachment.html 

More information about the OWASP-Bangalore mailing list