Reporting XSS, API, and other security vulnerabilities

This page documents how security experts and researchers can report vulnerabilities in the Twitter service. If you need help with your personal account, click here.

We welcome reports from security researchers and experts about possible security vulnerabilities with our service. Examples might include: vulnerabilities in our authentication system, use of HTTPS, attacks related to XSS, and other problems that affect our user base.

If you believe you have discovered a possible vulnerability in the Twitter service like those listed above, please file a report with our security team including information and detailed instructions about how to reproduce the issue. You can file your report here.

Note: If you are researching security issues, please use a protected Twitter account to test any possible security vulnerabilities, which will give us time to fix any issues. Security researchers should also visit our security page.

Concerned about your personal privacy or security on Twitter?

Click here to visit our help page all about keeping your account secure.

Was your personal account compromised or hacked?

Click here to find out what to do when your Twitter account has been compromised or hacked. That page offers detailed istructions about how to reset your password, regain access to your account, or contact the user support team.