TikToks pixel/sdk.js leaks current URL from websites using postMessage https://hackerone.com/reports/1598749 Severity: Medium | 1,500 USD Reported To: TikTok Reported By: #fransrosen State: Resolved Disclosed: August 30, 2022, 6:25pm (UTC) 188 views18:27