Note #20176

Hey @VOXI_UK! There’s a security #vulnerability in your website. An attacker can (a) exfiltrate mobile numbers and (b) authenticate bypassing OTP.

Not sure who to talk to about ethical disclosure. Let me know?


  1. VOXI VOXI says:

    Hey Dan. Thanks for bringing this to our attention, can you please drop us a DM so we can take a further look into this? This can also be reported on the link here –… 🙂 Liam

    Read more →

    1. Dan Q Dan Q says:

      Thanks; I’ve filed a report now.

Reply here

Your email address will not be published. Required fields are marked *

Reply on your own site

Reply elsewhere

You can reply to this post on Facebook.

Reply by email

I'd love to hear what you think. Send an email to; be sure to let me know if you're happy for your comment to appear on the Web!