Comment by tedivm
2 years ago
I reported a different security issue to github, and they responded the same (although they ultimately ended up fixing it when I told them I was going to blog about the "intended behavior").
2 years ago
I reported a different security issue to github, and they responded the same (although they ultimately ended up fixing it when I told them I was going to blog about the "intended behavior").
What "intended behaviour" was that, specifically?
Did you end up getting a bug bounty out of it?