Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Just thinking out loud. It is a clients website why can't you fix it or did the other you not want to?
-
makinet1998yWhat I'd do is wait a month. If after that they still haven't fixed it, make a blog post about finding it and warning all current and future developers about avoiding such issue. Then show that to the client and tell them you've already got a couple hundred views on it. If they're ignorant enough to ignore it for so long and they don't find it an issue, make it an issue. I'm not saying you need to write about your client in your blog post, I'm saying you should write about the bypass itself, describing how easy it was to find it and so on. Man, I'd love to write blog posts about finding bugs like that.
I detected a way to bypass login screen in client's website. I warned them. 48h later nothing changed...
undefined