Lucene search
K

4 matches found

Hacker One
Hacker One
added 2020/08/01 8:4 p.m.22 views

Automattic: DOM-Based XSS in tumblr.com

Description Hi, i would like to report DOM-Based XSS that it's exactly like this one 882546, this one work just because the page /reblog/ID/OTHERID doesn't have a correct CSP rule. Steps to reproduce 1. go to https://www.tumblr.com/reblog/620008931446652928/JBuEvzz5 2. click in click me 3. click ...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2020/07/05 8:45 a.m.124 views

Automattic: [tumblr.com] 69< Firefox Only XSS Reflected

Description : Hello, i have found a XSS Reflected in https://www.tumblr.com/abuse/start?prefill= But the XSS only works in versions of firefox that are below 70. Because its been blocked by CSP, but the version below 69 of firefox is vulnerable. Here's a great article about this subject...

6.2AI score
Exploits0
Hacker One
Hacker One
added 2020/05/26 4:0 a.m.16 views

Automattic: DOM-Based XSS in tumblr.com

Description Hi, i just found a XSS that i think it's a valid issue and i think it is in scope this time. To get the XSS the attacker needs to create a post in tumblr.com using...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/05/10 12:0 a.m.21 views

Tumblr.com Cross Site Scripting

================================================================================================== $$$$$$$\ $$\ $$\ $$\ $$$$$$\ $$ $$\ | $$ | $$ | $$ $$\ $$ | $$ |$$\ $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$\ $$ | $$ / $$ | $$$$$$$\ |$$ |$$ |$$ $$\ $$ $$\ $$ $$\ $$ $$\ $$ $$\ $$ |...

7.4AI score
Exploits0
Rows per page
Query Builder