Ahmad Halabi

Published On: 15 Oct 2019

Abusing Post Service (Create Unlimited Posts)

Rate Limits
Linkedin | Web

In general, A user registered in LinkedIn can create posts in his LinkedIn Profile, friends and connected people can see his posts too. But what if this feature goes to be abused.


The bug was that any user can create unlimited posts without getting blocked or wait for sometime.

Show Image


This issue will cause bombing a massive and huge amount of posts to the user and server which will consume large resources of the server. Also will cause abusing to users who are connected to the target user and who are following him.

Reproduction Steps


1. Navigate to your LinkedIn account.

2. Hit on Create Post and create a post and intercept its request.

3. Send the intercepted request to the intruder in burpsuite -> Launch the attack and observe that large number of posts created successfully.

Ahmad 05 Aug 2019

Initial Report

Linkedin 10 Sep 2019

Report Confirmed & Triaged

Linkedin 15 Oct 2019

Report Fixed by LinkedIn