The recent investigation conducted by Checkpoint Research against TikTok highlights trivially-exploitable security issues, that could have allowed motivated threat actors to gain an understanding and/or manipulate their political adversaries Ad campaigns.
To demonstrate the significance of this vulnerability, we at Kontra have developed an interactive tutorial detailing the Cross-Site Scripting flaw reported within TikTok's Ad platform and the exploitation of this issue by hypothetical cyber adversaries.
The tutorial is designed to teach developers about how cross-site scripting attacks manifest in code, how malicious actors exploit these vulnerabilities and steps developers can take write secure code.
Top comments (1)
ties in nicely with my earlier post on the tictok api
tiktok api
Clive Da ・ Jan 21 ・ 1 min read