Stored XSS Vulnerability in Tumblr





Hello Friends,

I started to participate in bug bounty in 2017 and found an XSS (Cross Site Scripting) vulnerability in Tumblr.




PoC Video:





I reported this to Tumblr.
Next day, Tumblr quickly patched this and rewarded me. 




  


I received my first bounty of $1000 from Tumblr.


I also received Tumblr t-shirt and stickers as a Swag/Gift.



I receive very good response from Tumblr Security Team.
 

Thanks Tumblr.

Comments

Popular posts from this blog

XSS like a Pro

Email Spoofing for Beginners

DoS on WAF Protected Sites by Abusing Cookie