Unrestricted File Upload Vulnerability.

Critical vulnerability in Twitter allows an attacker to upload unrestricted files

Twitter acknowledged me in their Hall of Fame for finding and reporting two vulnerabilities in their website.

Those two vulnerabilities are:

1- Unrestricted File Upload Vulnerability.


The POC:

An unrestricted file upload vulnerability occurs when an application does not validate, or improperly validates, file types before uploading files to the system.
Such flaws allow an attacker to upload and execute arbitrary code on the target system, which could result in the execution of arbitrary HTML and script code or in system compromise.
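The difference between improper and proper file-type validation, as an added example (not from the original post and not Twitter's code): a check that trusts the client-supplied Content-Type beside a server-side allowlist check on extension and leading bytes. The function names, allowed types, size limit and sample bytes are assumptions constructed for illustration.

```python
import os
import secrets

# Allowlist (assumed for this example): extension -> accepted leading bytes.
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed upload size limit

# Constructed sample inputs, not captured from any real request.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SAMPLE_HTML = b"<html><body>constructed sample</body></html>"


def weak_check(filename, content_type, data):
    """Improper validation: trusts a header the client fully controls."""
    return content_type.startswith("image/")


def strict_check(filename, content_type, data):
    """Return a server-chosen storage name, or raise ValueError."""
    # Discard any directory components sent by the client.
    base = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise ValueError("extension not allowed: %r" % ext)
    if not 0 < len(data) <= MAX_BYTES:
        raise ValueError("empty or oversized upload")
    if not data.startswith(ALLOWED_TYPES[ext]):
        raise ValueError("content does not match extension")
    # Never reuse the client's file name on disk.
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    print("weak check accepts HTML:", weak_check("page.html", "image/png", SAMPLE_HTML))
    try:
        strict_check("page.html", "image/png", SAMPLE_HTML)
    except ValueError as err:
        print("strict check rejects HTML:", err)
    print("stored as:", strict_check("avatar.png", "image/png", SAMPLE_PNG))
```

A leading-bytes check does not stop files that are valid images and also contain markup, so uploads should additionally be stored outside the web root and served with a fixed, server-set content type.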

2- Unvalidated Redirection Vulnerability.

This vulnerability could be used by attackers to conduct phishing and malware-spreading attacks against Twitter users.

Link to Twitter Hall Of Fame:
