Comment by arendtio

Are you not allowed to discuss a vulnerability you found when it is considered out of scope?

I mean it sounds weird to argue that you won't pay, but do not allow the person to talk about it anyway. Even more so if the person communicated with affected companies instead of some darknet marketplace.