"We do not consider this to be a security issue since the real customer accounts... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

simonw on Dec 15, 2023 | parent | context | favorite | on: Data exfiltration from Writer.com with indirect pr...

"We do not consider this to be a security issue since the real customer accounts do not have access to any website."

That's a shockingly poor response from Writer.com - clearly shows that they don't understand the vulnerability, despite having it clearly explained to them (including additional video demos).

ryandrake on Dec 15, 2023 [–]

Makes you wonder whether they even handed it to their security team, or if this was just a response written by a PR intern whose job is projecting perpetual optimism.

nvr219 on Dec 16, 2023 | [–]

They probably used their own app to generate the response.

behnamoh on Dec 16, 2023 | | [–]

And while they were using their own app they got hacked!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact