**We Pwned X, Vercel, Cursor, and Discord through a Supply-Chain Attack**
As I sit down to share my story, I'm reminded that vulnerability hunting is not just about finding flaws in code – it's about understanding the interconnectedness of our digital world.
**A New Update on an Old Favorite**
My journey began on November 7, 2025, when Discord announced a new update to their developer documentation platform. As one of the top contributors to their bug bounty program, I was excited to dive in and explore this new feature. My favorite thing about hunting bugs on Discord is that I'm familiar with their API and platform – but even after multiple attempts, it can get dull. This new update, however, sparked my interest.
**Mintlify: A New Player**
As I dug into the new documentation platform, I discovered that it was built using an AI-powered tool called Mintlify. This platform allows users to write their documentation in Markdown and turns it into a polished, modern documentation site. Mintlify hosts the generated sites on the *.mintlify.app domain and also supports custom domains, which is how customers end up serving their docs from their own primary domains.
**Finding the Vulnerability**
As I started looking through the /_mintlify API endpoints, I stumbled upon one that caught my attention: /_mintlify/_markdown/_sites/[subdomain]/[...route]. This endpoint allowed me to fetch files from any Mintlify documentation site through any host that exposed the /_mintlify route, not just the site belonging to that host. Initially, it seemed like this would allow me to render another Mintlify documentation site through Discord's domain, but unfortunately it only returned raw Markdown text.
**The Breakthrough**
Fast forward two days, and I was back at it again. This time, I decided to look through the Mintlify CLI, an npm package that allows users to run their documentation site locally. As I dug deeper into the code, I stumbled upon a list of application endpoints – including one that caught my eye: /_mintlify/static/[subdomain]/[...route]. This endpoint was similar to the Markdown one but returned static files from the documentation repository.
**The Eureka Moment**
I tried accessing various file types, but none of them were useful until I stumbled upon an SVG file. As any security researcher will tell you, an SVG that is served as a document in a site's own origin can carry embedded script, so a user-controlled SVG returned from a first-party domain is an XSS vector. I created an SVG file with an embedded script and uploaded it to my own Mintlify documentation.
**The Proof of Concept**
When I accessed the endpoint through Discord (https://discord.com/_mintlify/_static/hackerone-a00f3c6c/lmao.svg), I was thrilled to see that it worked. XSS attacks are rare on Discord, so I knew this was a significant discovery.
**A Collaborative Effort**
I shared my findings with friends xyzeva and MDL, who had also been investigating Mintlify after the Discord switch. We collectively reported the vulnerability to Discord and attempted to contact Mintlify through an employee. To our surprise, they took it very seriously – closing off their entire developer documentation for 2 hours while investigating the impact.
**The Aftermath**
As we worked with Mintlify's engineering team to remediate the vulnerability, we discovered that it affected almost every customer on their platform – including X (Twitter), Vercel, Cursor, and Discord. These companies host their documentation on their primary domains and were vulnerable to account takeovers with a single malicious link.
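The two defects the write-up describes are the cross-tenant fetch (a [subdomain] path segment that was trusted instead of the host the request arrived on) and the rendering of tenant-controlled SVG in the customer's first-party origin. The following is an added example, not Mintlify's, Discord's or the author's code, of how a multi-tenant static route can close both: the host-to-tenant table, the function names (tenantForHost, buildStaticResponse) and the sample files are all constructed for this illustration.

```javascript
// Added example (not code from Mintlify, Discord or the original post).
// Models a hardened static-file route for a multi-tenant docs platform that
// is mounted under each customer's own domain. HOST_TENANTS, the function
// names and the sample SVGs are assumptions made for this illustration.

// Constructed mapping: the only tenant each customer host may serve files for.
const HOST_TENANTS = {
  'docs.example-a.test': 'tenant-a',
  'docs.example-b.test': 'tenant-b',
};

// Bind the requested tenant to the Host header. A request arriving on a host
// bound to tenant-a but naming tenant-b in the path is refused outright.
function tenantForHost(host, requestedTenant) {
  const bound = HOST_TENANTS[host.toLowerCase()];
  if (!bound) return { ok: false, reason: 'unknown host' };
  if (requestedTenant !== bound) return { ok: false, reason: 'cross-tenant request' };
  return { ok: true, tenant: bound };
}

// Markers that an SVG carries active content rather than pure vector art.
const ACTIVE_SVG = [/<script[\s>]/i, /\son[a-z]+\s*=/i, /javascript:/i, /<foreignObject[\s>]/i];

function svgHasActiveContent(svgText) {
  return ACTIVE_SVG.some((re) => re.test(svgText));
}

// Choose status and headers for one asset. Two defences stack: the tenant
// binding above, and for SVG a response that cannot execute in the serving
// origin even when the file is opened directly in a tab.
function buildStaticResponse(host, requestedTenant, filePath, body) {
  const tenant = tenantForHost(host, requestedTenant);
  if (!tenant.ok) return { status: 403, headers: {}, reason: tenant.reason };

  const headers = { 'X-Content-Type-Options': 'nosniff' };
  const ext = filePath.slice(filePath.lastIndexOf('.') + 1).toLowerCase();

  if (ext === 'svg') {
    if (svgHasActiveContent(body)) {
      return { status: 403, headers, reason: 'active content in SVG' };
    }
    headers['Content-Type'] = 'image/svg+xml';
    // CSP sandbox gives a directly navigated SVG an opaque origin, so any
    // script that slipped past the scan cannot reach the site's cookies or
    // storage; Content-Disposition: attachment stops top-level rendering
    // while <img> embedding of the same file keeps working.
    headers['Content-Security-Policy'] = "sandbox; script-src 'none'";
    headers['Content-Disposition'] = 'attachment';
    return { status: 200, headers, reason: 'ok' };
  }

  headers['Content-Type'] = ext === 'png' ? 'image/png' : 'application/octet-stream';
  return { status: 200, headers, reason: 'ok' };
}

// Constructed sample inputs: one plain vector file, one carrying a script element.
const PLAIN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>';
const ACTIVE_SVG_SAMPLE = '<svg xmlns="http://www.w3.org/2000/svg"><script>/* constructed */</script></svg>';

// Stand-alone demo: a cross-tenant request, an active SVG, and a clean SVG.
console.log(JSON.stringify([
  buildStaticResponse('docs.example-a.test', 'tenant-b', 'logo.svg', PLAIN_SVG),
  buildStaticResponse('docs.example-a.test', 'tenant-a', 'logo.svg', ACTIVE_SVG_SAMPLE),
  buildStaticResponse('docs.example-a.test', 'tenant-a', 'logo.svg', PLAIN_SVG),
], null, 2));
```

The content scan is a second line of defence only; the headers are what make a missed case harmless, because a sandboxed document has no access to the first-party origin regardless of what the file contains. Serving user-controlled assets from a separate, cookieless origin would be stronger still, but the header approach is the one a platform can apply when customers insist on their primary domain.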
**Lessons Learned**
This experience taught me the importance of understanding the interconnectedness of our digital world. Compromising a single supply chain can lead to a multitude of problems – as we saw in this case. As a community, we must continue to work together to identify and address vulnerabilities before they become major issues.
**Rewards**
In total, we collectively received ~$11,000 in bounties from Discord and Mintlify. While the financial reward is nice, it's the knowledge that our efforts have made the internet a safer place that truly matters.