What process? Wasn't the default state of things to just let any random person of the street spam vulnerability reports without validation or quality control?
What process? Wasn't the default state of things to just let any random person of the street spam vulnerability reports without validation or quality control?