I reported a XSS bug on your website and you did not ever bothered to revert back to me and fixed them without any reward.This is really unacceptable behaviour from your side.
If you want to do like this then why do you have your responsible disclosure program. You are exploiting the efforts made by the researchers and taking away the credits which they duly deserve. I should be rewarded for my findings
I reported the vulnerability before it was fixed with a working POC screenshot but you fixed it without even reverting back to me. So this is your policy to get all the bugs fixed and not bothering to tell the researcher who spent maybe days to find the vulnerability.
I’ve alerted Avast to this post. Let’s see if that helps.