Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Solved
Security Concern Want To Talk In Private.
Hello , My name is Mujtaba and i am a researcher in bugcrowd as galacticocean . i want to talk in private about a critical vulnerability that i have found in dropbox . you can give me an email address or make this post private if this is an option .
Hey GalacticOcean, sorry for jumping in.
To report a bug/potential vulnerability to the relevant department directly, I’d suggest doing so via Bugcrown, as mentioned here.
Thanks!
4 Replies
Replies have been turned off for this discussion
- Megan
Dropbox Community Moderator
Hey there, GalacticOcean, I hope you're doing well!
As a starting point you can have a look at this article.
Now as for your request, would you be able to share some generic info here with us, in order to understand better what it is that you're looking for?
Let me know more, and we'll take it from there!
- Can you provide me email address so we can talk this in private without publicly disclosing .
I have found files in a dropbox subdomain website . which can contain sensitive info like email address , password of accounts and etc which are acquired by dropbox from the customers. These files are blank because some these files are written in server side language and some are configured in a way that a user can not see it . There is no barrier between the files and the user . user can access these files anytime without login . if you want to know the files name . ask me .
- Nancy
Hey GalacticOcean, sorry for jumping in.
To report a bug/potential vulnerability to the relevant department directly, I’d suggest doing so via Bugcrown, as mentioned here.
Thanks!
