Netflix has Responsible Disclosure Policy and Hall Of Fame page for those who report a valid bug to them.
For this I am searching for a bug that is Valid and may be not a Duplicate issue. ALHAMDULILLAH ! , It is my luck that the reported issue got Valid and not reported previously by other researcher.
Here is Details:
During reconnaissance I got a domain (netflixprize.com), now I searching for a bug in it. I noticed that Password data is transmitted over HTTP. I report this issue to Netflix. They accepted it and remove the Login page because there is no more need of Login page in that domain.
Reporting Date: Jan/02/2014
Acknowledgement Date: Jan/02/2014
Issue fixed: Jan/03/2014
Listed Inside Netflix: Jan/04/2014
For this I am searching for a bug that is Valid and may be not a Duplicate issue. ALHAMDULILLAH ! , It is my luck that the reported issue got Valid and not reported previously by other researcher.
Here is Details:
During reconnaissance I got a domain (netflixprize.com), now I searching for a bug in it. I noticed that Password data is transmitted over HTTP. I report this issue to Netflix. They accepted it and remove the Login page because there is no more need of Login page in that domain.
Reporting Date: Jan/02/2014
Acknowledgement Date: Jan/02/2014
Issue fixed: Jan/03/2014
Listed Inside Netflix: Jan/04/2014