cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Security Concern Want To Talk In Private.

Security Concern Want To Talk In Private.

GalacticOcean
New member | Level 2

Hello , My name is Mujtaba and i am a researcher in bugcrowd as galacticocean . i want to talk in private about a critical vulnerability that i have found in dropbox . you can give me an email address or make this post private if this is an option .

1 Accepted Solution

Accepted Solutions

Nancy
Dropbox Staff

Hey @GalacticOcean, sorry for jumping in. 

 

To report a bug/potential vulnerability to the relevant department directly, I’d suggest doing so via Bugcrown, as mentioned here.

 

Thanks!


Nancy
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

View solution in original post

4 Replies 4

Megan
Dropbox Staff

Hey there, @GalacticOcean, I hope you're doing well!

 

As a starting point you can have a look at this article. 

 

Now as for your request, would you be able to share some generic info here with us, in order to understand better what it is that you're looking for? 

 

Let me know more, and we'll take it from there! 


Megan
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

GalacticOcean
New member | Level 2
Can you provide me email address so we can talk this in private without publicly disclosing .

GalacticOcean
New member | Level 2

I have found files in a dropbox subdomain website . which can contain sensitive info like email address , password of accounts and etc which are acquired by dropbox from the customers. These files are blank because some these files are written in server side language and some are configured in a way that a user can not see it . There is no barrier between  the files and the user . user can access these files anytime without login . if you want to know the files name . ask me . 

Nancy
Dropbox Staff

Hey @GalacticOcean, sorry for jumping in. 

 

To report a bug/potential vulnerability to the relevant department directly, I’d suggest doing so via Bugcrown, as mentioned here.

 

Thanks!


Nancy
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

Need more support?