Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Vishal Saini on April 15, 2020, 02:42:19 PM

Title: Fixed the bug without responding
Post by: Vishal Saini on April 15, 2020, 02:42:19 PM

I reported a XSS bug on your website and you did not ever bothered to revert back to me and fixed them without any reward.This is really unacceptable behaviour from your side.
If you want to do like this then why do you have your responsible disclosure program. You are exploiting the efforts made by the researchers and taking away the credits which they duly deserve. I should be rewarded for my findings
I reported the vulnerability before it was fixed with a working POC screenshot but you fixed it without even reverting back to me. So this is your policy to get all the bugs fixed and not bothering to tell the researcher who spent maybe days to find the vulnerability.

Title: Re: Fixed the bug without responding
Post by: bob3160 on April 15, 2020, 06:06:13 PM

I've alerted Avast to this post. Let's see if that helps.