This bug in Flattr was a low impact Open Redirect that allowed attacker to redirect the victim after authorizing Twitter.
1 2 https://flattr.com/settings/connect/twitter?redirect=https://hackberry.xyz
- Found vulnerability – 5th June, 2020
- Made contact with Flattr on Twitter – 5th June, 2020
- Reported vulnerability on Twitter – 9th June, 2020
- Bug fixed – 11th June, 2020
- Disclosed On – 11th June, 2020