Wat is the worst response you can give when someone alerts you about a security issue in your software? I can almost hear you thinking: “waiting two years to fix it“, but there is an even worse response. Some companies just simple don’t respond at all. Simply amazing…

After verifying the issue we contacted the company in several ways, emailing several addresses, but failed to “reach” anyone. We received several automated responses, and even our inquiry to their sales emails, returned nothing, are we missing something?

So, if anyone from Invision Power is reading this: you might want to contact noamr[at]beyondsecurity.com.