Reflected xss on ads.tiktok.com using `from` parameter.
High
T
TikTok
Submitted None
Team Summary
Official summary from TikTok
A XSS (cross-site scripting) vulnerability was found on a TikTok ads endpoint using the "from" parameter. We thank @imran_nisar for reporting this to our team and confirming its resolution.
Actions:
Reported by
imran_nisar
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected