client.gmsklad.ru Cross Site Scripting vulnerability OBB-1200943

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

X (Formerly Twitter): DOMXSS in Tweetdeck

Hi, I would like to report a DOMXSS issue in TweetDeck. Details In Tweetdeck, a tweet contains info of what client app the user used to sent the tweet. The render process is vulnerable to DOMXSS. In https://ton.twimg.com/tweetdeck-web/web/dist/bundle.6f91b4e832.js, the following line is responsib...