5 points | by xmrcat 5 hours ago
3 comments
Authors article:
How to Know if Someone is Invisible on Discord (WebSocket API Leak)
https://xmrcat.org/discord-invisibility-bypass
But also
> violating the 24h promise on their own page
Their page reports: Vulnerability reports will always be responded to as fast as possible - usually within 24 hours.
That's not a promise. I agree regarding the sentiment: "Discord moved to a private, invite-only bounty"... and "refuse to hand over my ID".
Usually discord ignores all issues related to invisibility leaks but responds very fast to other types of issues which is why i decided not to wait for weeks for a fix, instead publish it and watch it get fixed.
Authors article:
How to Know if Someone is Invisible on Discord (WebSocket API Leak)
https://xmrcat.org/discord-invisibility-bypass
But also
> violating the 24h promise on their own page
Their page reports: Vulnerability reports will always be responded to as fast as possible - usually within 24 hours.
That's not a promise. I agree regarding the sentiment: "Discord moved to a private, invite-only bounty"... and "refuse to hand over my ID".
Usually discord ignores all issues related to invisibility leaks but responds very fast to other types of issues which is why i decided not to wait for weeks for a fix, instead publish it and watch it get fixed.