If a company wants a report deleted and the researcher wants to keep it, what happens?

Questions or suggestions about the platform
Post Reply
PauloChoupina
Posts:12
Joined:Tue Mar 12, 2019 10:53 pm
If a company wants a report deleted and the researcher wants to keep it, what happens?

Post by PauloChoupina » Fri Mar 06, 2020 12:57 pm

Hi, I'm just curious:

If a researcher reports a xss and the website owner wants the report deleted (for any reason), whats your policy in this cases?

I mean, if a website owner contacts you to delete a report, do you delete it? Even if it is against the researcher will?

Best regards and congrats on the amazing platform you got here,

secuninja
Posts:508
Joined:Fri Apr 28, 2017 2:34 pm

Re: If a company wants a report deleted and the researcher wants to keep it, what happens?

Post by secuninja » Sat Mar 07, 2020 9:10 pm

be nice. it's the owners website... so if they dont want to have this information published that's fine for me.
you can ask admin for deleting details and just keep the meta record.

metamorfosec_id
Posts:269
Joined:Mon Apr 30, 2018 7:35 am

Re: If a company wants a report deleted and the researcher wants to keep it, what happens?

Post by metamorfosec_id » Sun Mar 08, 2020 2:04 pm

I always contact OBB via contact form to make the submissions as Private if website owners do not want to see the reports as Public..

After that, I inform the website owners regarding the old submission URL (it will produce 404 error page) and the new submission URL (it will contain secret URL).

User avatar
geeknik
Posts:47
Joined:Tue Nov 24, 2015 7:08 pm
Contact:

Re: If a company wants a report deleted and the researcher wants to keep it, what happens?

Post by geeknik » Wed Mar 11, 2020 4:37 pm

If a company wants me to delete the report, I delete it ASAP, no questions asked.

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests