X (Formerly Twitter) - HackerOne Reports
Total Reports: 164
Critical: 14
High: 24
Medium: 56
Low: 25
[dev.twitter.com] XSS and Open Redirect Protection Bypass
Reported by: bywalks | Disclosed:
Medium
Bounty: $1120.00
Changing email address on Twitter for Android unsets "Protect your Tweets"
Reported by: alexiaya | Disclosed:
Low
Weakness: Privacy Violation
Bounty: $2940.00
Accepting error message on twitter sends you to attacker site
Reported by: safehacker_2715 | Disclosed:
Medium
Weakness: Open Redirect
Bounty: $560.00
Open Redirect
Reported by: malcolmx | Disclosed:
Weakness: Open Redirect
NO username used in authentication to www.mopub.com leading to direct password submission which has unlimited submission rate.
Reported by: adarsh_p | Disclosed:
Medium
Attacker can get vine repost user all information even IP address and location.
Reported by: 0xprial | Disclosed:
Weakness: Improper Authentication - Generic
Twitter Media Studio Source Information Disclosure With Analyst Role
Reported by: bcc20c71c2f1f135afb8c3b | Disclosed:
Medium
Weakness: Information Disclosure
Github Token Leaked publicly for https://github.com/mopub
Reported by: moro139 | Disclosed:
Medium
Weakness: Cleartext Storage of Sensitive Information
Ability to perform actions (Tweet, Retweet, DM) and other actions, unauthenticated, on any account with SMS enabled.
Reported by: antisocial_eng | Disclosed:
Critical
Weakness: Business Logic Errors
Identify the mobile number of a twitter user
Reported by: aymen_mansour | Disclosed:
Critical
Weakness: Information Disclosure
Bounty: $560.00
2 Subdomains Takeover at readfu.com
Reported by: m7mdharoun | Disclosed:
Medium
Weakness: Privilege Escalation
reverb.twitter.com redirects to vulnerable reverb.guru
Reported by: theraz0r | Disclosed:
[sms-be-vip.twitter.com] vulnerable to Jetleak
Reported by: molejarka | Disclosed:
Weakness: Information Disclosure
Bounty: $1260.00
Bypassing x profile verification to receive instant blue checkmark and unlimited profile changes
Reported by: itsdavid | Disclosed:
Low
Weakness: Business Logic Errors
Bounty: $250.00
Open Redirect Protection Bypass
Reported by: avinash_ | Disclosed:
Weakness: Open Redirect
Periscope iOS app CSRF in follow action due to deeplink
Reported by: mgf15 | Disclosed:
Low
Weakness: Cross-Site Request Forgery (CSRF)
Bounty: $2940.00
Remote Unrestricted file Creation/Deletion and Possible RCE.
Reported by: zigoo0 | Disclosed:
Low
Weakness: Code Injection
Sub Domain Takeover at mk.prd.vine.co
Reported by: punkrock | Disclosed:
Bounty: $140.00
CRLF and XSS stored on ton.twitter.com
Reported by: seifelsallamy | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
Bounty: $1680.00
Vine all registered user Private/sensitive information disclosure. [IP address/phone no/email and many other information]
Reported by: 0xprial | Disclosed:
Critical
Weakness: Information Disclosure