Duke recognizes responsible disclosure

March 7, 2017

Researchers sometimes discover security vulnerabilities with university systems and networks, and Duke recognizes the value of identifying and remediating these issues, in accordance with the university’s responsible disclosure policy found here: https://security.duke.edu/policies/responsible-disclosure

We'd like to recognize Mikee for their efforts in uncovering three Cross-Site Scripting (XSS) vulnberabilites within two Duke University websites, alerting the IT Security Office of the issue and working with Duke IT security staff to remediate it. Efforts such as these ensure a more secure environment for all our users.

Mikee is a security researcher who can be contacted here:

twitter: @mcorral74

To report a security issue, please contact the us at security@duke.edu.