I really wanted to get my name in the Zendesk website. At first when I saw the number of security researchers I got amazed and taught I would never be able to find anything. But I didn’t give up. I was able to find DOM XSS in the main website 🙂 I did not test their interface even just read all their arguments clearly and was able to find a poor sanitation in the JavaScript code.
Read more about their policy: http://www.zendesk.com/company/responsible-disclosure-policy
Zendesk swag is still on the way 😉 Thank you guys very much ! <3
update: On 16th of October I received the Zendesk swag. 😉
