A story by Dominic Szablewski on how he find vulnerabilities and bugs on Digg, he even got a messages from Joe Stump, lead Architect from Digg. unfortunately for him, his Digg Story about all of this was hindered from reaching the front page even after all critical bugs were fixed.

read his story..

Two weeks ago I filed a bug report on Digg.com, explaining several XSS vulnerabilities and bugs I found. Some of these were (and some still are!) very critical. A day later, I got an automated response to my report:

We’ve contacted our development team who are investigating the issue, and will fix it as soon as possible.

All well and good I thought, but when a few days ago all vulnerabilities were still there, I decided to exploit one of them.

read the rest here