Apr 5, 2018

Link injection on 2 Twitter Subdomain

Advertisement



link injection on Twitter Subdomains 
blog.twitter.com and about.twitter.com )

Hello Every Body ☺️ Welcome to my Small Blog 

Today I will Share my Small Bug in Twitter Program

My bug was about Link injection on 2 Twitter Subdomain


https://blog.twitter.com/esi/menu/global
and
https://about.twitter.com/esi/menu/global

have 2 Parameters

paramter was able to inject them
with any words
links[all_blogs][title]=
****************************
Second Parameter
inject it with the url
links[all_blogs][url]=


Now the Victim When read my Word and Click on it 
he will redirect to my Website 



Poc Example  : 


Reward : 280$






Share This
Previous Post
Next Post

Security Researcher at Many Websites - Bug Hunter - Civil Engineer Student

6 comments:

  1. I found this same bug in facebook but facebook didnt reward me :(

    ReplyDelete
  2. Replies
    1. Thanks Bro :) Enjoy more Diclosure Reports Soon

      Delete
  3. It help me found one on Google
    Sharing is caring

    ReplyDelete