WRITEUP #5870

[Twitter Bug Bounty] Misconfigured JSON endpoint on ads.twitter.com lead to Access control issue and Information Disclosure of role privileged users.

ReconBroken authorizationInformation disclosure

byPeerzada Fawaz Ahmad Qureshi

Bounty

280

Program

Twitter

Published

Aug 10, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20191219011242/https://medium.com/@zk34911/twitter-bug-bounty-misconfigured-json-endpoint-on-ads-twitter-com-2771ec83a82

▸ RELATED WRITEUPS

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!

ReconInformation disclosure

How I Got Bugs From Google Dorks

ReconInformation disclosure

How I can easily get four P1 at NASA using Simple Google Dorking.

ReconInformation disclosure

$1600 Bounty on a Main Domain

ReconSession fixation

Built with ❤️ by Shubham Rawat