Missing Rate Limiting on https://twitter.com/account/complete
Unknown
Vulnerability Details
The following link is missing rate limiting
https://twitter.com/account/complete
by which an attacker can get all the valid phone no. on twitters account.
##POC :- Screenshot attached
Actions
View on HackerOneReport Stats
- Report ID: 27166
- State: Closed
- Substate: resolved
- Upvotes: 1