Hennig, AnneAnneHennigNeusser, FabianFabianNeusserPawelek, Aleksandra AlicjaAleksandra AlicjaPawelekHerrmann, DominikDominikHerrmann0000-0002-7374-3054Mayer, PeterPeterMayer2026-06-302026-06-302022978-1-4503-9156-6https://fis.uni-bamberg.de/handle/uniba/115839Running a business without having a website is nearly impossible nowadays. Most business owners use content managements systems to manage their websites. Yet, those can pose security risks and provide vulnerabilities for manipulations. With vulnerability notifcations, website owners are notifed about security risks. To identify common themes with respect to vulnerability notifcations and provide deeper insight into the motivations of website owners to react to those notifcations, we conducted 25 semi-structured interviews. In compliance with previous research, we could confrm that distrust in unexpected notifcations is high and, in contrast to previous research, we suggest that verifcation possibilities are the most important factors to establish trust in notifcations. We also endorse the fndings that raising awareness for the severity and the complexity of the problems is crucial to increase remediation rates.engweb securityCMS vulnerabilitiesvulnerability notifcationsecurity awarenessStanding out among the daily spam : How to catch website owners’ attention by means of vulnerability notificationsconferenceobject10.1145/3491101.3519847