You don’t want to get this kind of contact from @taviso.https://twitter.com/taviso/status/832744397800214528 …
-
-
-
Following up on this as people seem to have dug it up: maybe you do want this contact because one of the best just did free work for you.
-
wasn't free, read somewhere the top tier bounty was a t-shirt...
-
He wasn’t on staff, did this research/work before submitting it to them, and a t-shirt is as close to nothing/free as possible.
-
This was pretty much true public service.
End of conversation
New conversation -
-
-
can you post the request header combination that exposed this bug.
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
Email justin@cloudflare.com or evan@cloudflare.com.
-
Thanks, report on way.
-
Thanks Tavis.
End of conversation
New conversation -
-
-
Hi Tavis; vulnerability reports can be submitted through HackerOne: https://hackerone.com/cloudflare Does this work for you?
-
Not this time, it's an infrastructure issue.
-
Feel free to drop me an email to junadeATcloudflareDOTcom and I'll forward to our security incident team.
End of conversation
New conversation -
-
-
Apparently the answer was yes and rightly so.
-
I wasn't from cloudflare security
-
Hey sorry I was trying to be funny but didn't give any context. My bad lol
-
me too lol
End of conversation
New conversation -
-
.
@taviso found one of the most pervasive leaks in history and all he got was this lousy t-shirt.pic.twitter.com/t22kVCvc4q
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
omg! You totally wrecked
@Cloudflare by attracting hackers to security breach and now it's public. -
Additionally, a major effort is underway to scrub web cache datasets of affected data and its going well
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.