There’s a limit of responsible disclosure, I usually do 90 days after report. Make sure you do numerous follow ups if they fail to respond and inform them you’ll be disclosing in 90 days if they fail to provide a patch.
If they disagree it’s a vulnerability, then let the internet decide in your public disclosure.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
There’s a limit of responsible disclosure, I usually do 90 days after report. Make sure you do numerous follow ups if they fail to respond and inform them you’ll be disclosing in 90 days if they fail to provide a patch.
If they disagree it’s a vulnerability, then let the internet decide in your public disclosure.