Adobe Systems Incorporated is an American multinational computer software company. The company is headquartered in San Jose, California, United States. Adobe has historically focused upon the creation of multimedia and creativity software products, with a more recent foray towards rich Internet application software development. It is best known for Photoshop, an image editing software, Acrobat Reader, the Portable Document Format(PDF) and Adobe Creative Suite, as well as its successor Adobe Creative Cloud.
I generally wanted to test their security and need to be a piece of authority Adobe security researcher’s. This time HackerOne provided me a chance to do as such. As Adobe security administration group keeps running on HackerOne HackerOne HackerOne and I wanted to test their web application. Adobe has the most tremendous scope as indicated by HackerOne and it has settled circuitous more than one thousand or more reports
On 24th August 2016 I reported security vulnerability to Adobe related with SPF and DMARC records which may leads to Email address spoofing. This one is the same as I established in Magento.
After three days their security team member marked that report to triaged.
That was a good minute for me, I was truly cheerful on the grounds because that was my first report that got triaged in HackerOne. But after that who knows they took as much time to resolve, Be patience, my patience. I got some information about updates after month that they are still working on it and inform me once it get fixed. Affirm! It took over more than five months now however they didn’t responded about any updates or inquires. One day all of a sudden I opened my HackerOne account and investigate my triaged reports. This one is the special case that keep going so long. I retried to test it and what I established is that it is not predicable from my side. I pinged them once again and requested updates. Following one day they marked it as resolved because it is not producible anymore
As per HackeOne policy researcher automatically featured in team hall of fame if reports get resolve. I got recorded in Adobe’s Hall of Fame and that was my great experience.
I would like to Thank adobe security team and I would also like to thank you for your precious time. If you have any questions or suggestions then please use the comment form below and let me know. I always appreciate your comments and suggestions.