But is it my responsibility to spend time reporting this to them? Should I leave the vulnerability for others to take advantage of, if they come across it? How do I know that others aren't already doing so?
With this specific vulnerability it could be used it to build an address book of emails, {home,work}addresses, telephone numbers etc; given the nature of the app.
But is it my responsibility to spend time reporting this to them? Should I leave the vulnerability for others to take advantage of, if they come across it? How do I know that others aren't already doing so?
With this specific vulnerability it could be used it to build an address book of emails, {home,work}addresses, telephone numbers etc; given the nature of the app.