X (Formerly Twitter) - HackerOne Reports
Total Reports: 164
Critical: 14
High: 24
Medium: 56
Low: 25
url that twitter mobile site can not load
Reported by:
seifelsallamy
|
Disclosed:
Low
Weakness: Uncontrolled Resource Consumption
Bounty: $1120.00
[Urgent] Invalidating OAuth2 Bearer token makes TweetDeck unavailable
Reported by:
filedescriptor
|
Disclosed:
Weakness: Uncontrolled Resource Consumption
Denial of Service [Chrome]
Reported by:
asdasdasdasdasda
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Bounty: $560.00
Urgent : Disclosure of all the apps with hash ID in mopub through API request (Authentication bypass)
Reported by:
indoappsec
|
Disclosed:
Weakness: Improper Authentication - Generic
SSRF in https://cards-dev.twitter.com/validator
Reported by:
mindaugas
|
Disclosed:
Medium
Weakness: Server-Side Request Forgery (SSRF)
Improper Host Detection During Team Up on tweetdeck.twitter.com
Reported by:
avinash_
|
Disclosed:
[██████████.gnip.com] .htpasswd disclosure
Reported by:
rbcafe
|
Disclosed:
Critical
Cross-site scripting (reflected)
Reported by:
linkks
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Generic
Open Redirect on https://www.twitterflightschool.com/widgets/experience?destination_url=https://evil.com
Reported by:
nagli
|
Disclosed:
Low
Weakness: Open Redirect
XSS on https://app.mopub.com/reports/custom/add/ [new-d1]
Reported by:
c00lbugs
|
Disclosed:
View liked twits of private account via publish.twitter.com
Reported by:
kedrischh
|
Disclosed:
Medium
Weakness: Information Disclosure
No rate limiting against brute-forcing user passwords
Reported by:
1735096419
|
Disclosed:
Medium
Weakness: Unverified Password Change
[staging-engineering.gnip.com] Publicly accessible GIT directory
Reported by:
bobrov
|
Disclosed:
Medium
Weakness: Information Disclosure
Bounty: $280.00
Discoverability by phone number/email restriction bypass
Reported by:
zhirinovskiy
|
Disclosed:
High
Weakness: Improper Access Control - Generic
Bounty: $5040.00
Denial of Service | twitter.com & mobile.twitter.com
Reported by:
asdasdasdasdasda
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Bounty: $1120.00
XSS and Open Redirect on MoPub Login
Reported by:
jackb898
|
Disclosed:
Weakness: Open Redirect
Bounty: $1540.00
[URGENT] Opportunity to publish tweets on any twitters account
Reported by:
kedrischh
|
Disclosed:
High
CSRF in twitterflightschool.com ( CAN POST ON TIMELINE WITHOUT USER PERMISSION)
Reported by:
cymtrick
|
Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
Creating malformed URLs via new line character in-between two URLs leads to misrepresented hyperlinks in Tweets/DMs
Reported by:
zlz
|
Disclosed:
Low
Weakness: CRLF Injection
Chained open redirects and use of Ideographic Full Stop defeat Twitter's approach to blocking links
Reported by:
jub0bs
|
Disclosed:
Medium
Weakness: Security Through Obscurity
Bounty: $560.00