Vulnerabilities Allowed Hackers To Change Passwords Of TikTok Accounts | Cybers Guards

To date, the company has paid out more than $80,000 for 85 vulnerability reports received through its recently launched bug bounty program. Because of national security concerns, the United States government has tried to ban TikTok, but the Chinese company is not backing down and has already mounted some legal fights.

By simply getting the targeted user to click on a malicious link, an attacker could have exploited the vulnerability to change the password of an account. In late August, Muhammed Taskiran, a 20-year-old Germany-based researcher, told TikTok that a URL parameter on tiktok.com "reflects its value without being properly sanitised."

For high-severity vulnerabilities, TikTok offers between $1,700 and $6,900, and between $6,900 and $14,800 for critical vulnerabilities. After identifying a couple of bugs that might have been chained to hijack accounts, a researcher earned nearly $4,000 from TikTok. The company only partially disclosed the vulnerability analysis, revealing scant technical detail.

This was a reflected cross-site scripting (XSS) vulnerability that could be linked to a cross-site request forgery (CSRF) bug Taskiran found. The CSRF problem affected an endpoint that allowed the researcher to set a new password for accounts that had used third-party applications to sign up to the social media site. TikTok rated the issue as "high severity" and awarded the researcher $3,860 for his findings.

Taskiran explained in a report submitted to TikTok through the HackerOne platform: "I combined both vulnerabilities by creating a simple JavaScript payload – triggering the CSRF – which I injected into the vulnerable URL parameter from earlier, to achieve a one-click account takeover."

In recent months, Taskiran has also reported two other bugs against TikTok, including one that earned him just over $500.
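The two weaknesses described in the report, a URL parameter reflected into the page unescaped and a password-set endpoint that accepts requests without proof they came from the site's own pages, are illustrated below in a constructed Python example. It is an added example, not TikTok's code and not Taskiran's payload; `SITE_ORIGIN`, the session dictionary and the handler names are assumptions. It shows the unsafe reflection beside its escaped form, and a password-set handler hardened with an Origin check plus a per-session anti-CSRF token.

```python
import html
import hmac
import secrets
from typing import Dict, Tuple
from urllib.parse import urlparse

# Constructed sample state: a logged-in session holding its own anti-CSRF token.
SESSION = {"user_id": 42, "csrf_token": secrets.token_urlsafe(32)}
SITE_ORIGIN = "https://example.test"  # placeholder origin, not the real site


def render_unsafe(query_value: str) -> str:
    """Reflects the URL parameter verbatim into the page: the XSS pattern in the report."""
    return f"<p>Results for: {query_value}</p>"


def render_safe(query_value: str) -> str:
    """Same page, but the reflected value is HTML-escaped before it reaches the markup."""
    return f"<p>Results for: {html.escape(query_value, quote=True)}</p>"


def contains_script_tag(markup: str) -> bool:
    """Crude detection check used here to show which renderer lets markup through."""
    return "<script" in markup.lower()


def set_password(session: Dict, form: Dict[str, str], headers: Dict[str, str]) -> Tuple[int, str]:
    """Password-set endpoint with two CSRF defences: same-origin check and token check."""
    # 1. Reject requests whose Origin (or Referer, as a fallback) is not our own site.
    origin = headers.get("Origin") or headers.get("Referer", "")
    if urlparse(origin).netloc != urlparse(SITE_ORIGIN).netloc:
        return 403, "cross-origin request rejected"
    # 2. Require the per-session token that an injected script cannot know in advance
    #    if the token is bound to the session and never reflected into the vulnerable page.
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token, session["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    new_pw = form.get("new_password", "")
    if len(new_pw) < 12:
        return 400, "password too short"
    session["password_changed"] = True
    return 200, "password updated"
```

Note that the token check alone is not enough once an XSS exists on the same origin, since injected script can read the page; that is why the reflected parameter must be escaped as well.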
