Olivia
Online
Anees Hyder
@aneesOx_dev
WebDeveloper | Bugbounty Hunter | CVE-2026-25523
Ahmedabad
Joined June 2016
203 Following
99 Followers
69 Posts
7/7
How to fix it?Validation must happen on the Server Side. The server should receive the OTP, verify it against the database, and return a secure session token or cookie.
Stay curious, stay secure! ๐ป๐ #infosec #bugbounty #webdev #javascript
Why you should NEVER trust the client for sensitive logic.
1/7 ๐ก๏ธ I was recently testing a web application and stumbled upon some jQuery logic handling OTP verification. Within minutes, I was able to completely bypass the authentication process.
Letโs break it down. ๐งต๐
6/7
The LessonClient-side validation is for User Experience (UX), not Security.
โ
Good: Checking if the OTP is the right length before sending.
โ Bad: Letting the client-side code decide if the OTP is "correct" to proceed to sensitive areas.
https://t.co/YaZBnS8rQi
https://t.co/NedFA9X9CK
Who to follow
Asad palasara
@asad_palasara
Webdesigner, Front-end-Developer
Amin ๐
@amincharoliya
Front End Developer.
Building Frontend @buddybossWP ๐ข. Previously @multidots
HTML - CSS - JavaScript - React - WordPress
Faisal Alvi
@_the_faisal
Building high-performing @WordPress & @WooCommerce solutions | Open-source contributor | 12+ yrs shaping enterprise-grade digital experiences | Core Contributor
Just got my first CVE from a HackerOne report - CVE-2026-25523
Grateful to be contributing to real-world security in open-source software. More coming. ๐ป๐
#cve #hackerone #cybersecurity #BugBounty
7 bug bounty tips I wish someone had told me when I started: ๐งต
Update on CVE-2025-66478 (React2Shell):
An npm package has been released to scan and update affected Next.js apps. Use `npx fix-react2shell-next` to update to patched versions.
All users should update as soon as possible.
More details our blog:
https://t.co/fjNfpv3huI
Its up again !
https://t.co/NnRlKAmnjm down?
@Hacker0x01
Seems like cloudflare again !
Persistence is the key
80% never even start. 10% quit halfway. Only 10% make it to the end. Choose your side.
My first report at @Hacker0x01
CORS misconfiguration lead to Authorization bypass
#cybersecurity #bugbounty
@AghariaTausif @flipkartsupport @Flipkart I had some bad experiences with Flipkart recently. It was about cancelling my order. I had to try multiple times to just cancel my order which should be pretty easy to do. At last they told me to cancel my order when the delivery guy comes to me.
Last Seen Users on Sotwe
koleksi indo
Seen from Singapore
Noah XXL 
Seen from United Arab Emirates
Yabancฤฑ Genรง
Seen from United Kingdom
evli gizli677
Seen from Turkey
ูุงุทู
ุฉ ุงูููุจููุฉ ๐ฑ๐พ๐
Zoey Di Giacomo โจ
Seen from United Kingdom
Tom
Dr DP
Seen from Turkey
S Y เธเธฅเธดเธ
Seen from Thailand
ููู ุงูุฎุจุฑ
Seen from Germany
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.9M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers