First of all I consider myself one of the good guys.
If I find a vulnerbility on a website which I have no connection to, but I wish to let them know about this vulnerbility.
Would this be an illegal action I previously did. If I hand over the knowledge to the owner of the website, he might be "scared" of getting this information from a stranger. My worry is that this is illegal and I could be contacted by the police later on (worst case) even though trying to do a good deed.
Please let me know your thoughts on this, thanks