Open Redirect in Flattr

Reported a low-impact Open Redirect to Flattr
  • Posted on: 2020-06-11 05:12

This bug in Flattr was a low-impact Open Redirect that allowed an attacker to redirect the victim after authorizing Twitter.


Visit the URL

After authorization, the user will be redirected to

Disclosure Timeline

5th June, 2020
  • Vulnerability was found
  • Contacted Flattr on Twitter for responsible disclosure
9th June, 2020
  • Reported vulnerability
11th June, 2020
  • Vulnerability fixed
  • Publicly disclosed