
Supply‑Chain XSS in Mintlify Let Attackers Run JS on Discord, X, and More
An exposed Mintlify static endpoint let malicious SVGs run on customer primary domains, creating a widespread supply-chain XSS affecting Discord, X, and many others.
