Klikki Oy

Oct 28, 2020
HEY.com stored XSS vulnerability report Read more »
Feb 15, 2019
Third stored XSS vulnerability in Yahoo Mail Read more »
Nov 14, 2017
Formidable Forms various vulnerabilities Read more »
Oct 24, 2017
Klikki Oy finds a vulnerability affecting about 100 million users, $20,000 bug bounty Read more » (in Finnish)
Oct 19, 2017
WP Engine security issues Read more »
Feb 17, 2017
Stored XSS vulnerability in BetterTTV for Twitch.tv Read more »
Dec 08, 2016
Critical security vulnerability in Yahoo Mail fixed Read more »
Nov 23, 2016
PageLines Platform 4 CSRF-RCE vulnerability Read more »
Oct 02, 2016
W3 Total Cache server side request forgery bug reported by Klikki fixed
Read more »
Oct 02, 2016
Uber OneLogin authentication bypass by Klikki was the most viewed vulnerability report of Q2 2016 on HackerOne
Jun 21, 2016
A WordPress core stored XSS vulnerability found by Klikki was fixed - reported a month ago as a side product of the Uber bug hunt.
May 17, 2016
All-in-One Event Calendar by Time.ly stored XSS and SQL injection Read more »
January 19, 2016
Yahoo Mail vulnerability found by Klikki Oy could compromise or infect email accounts. Vulnerability patched earlier this month.
Read more »
July 24, 2015
Another WordPress stored XSS found by Klikki back in November 2014 patched.
Read more »
June 02, 2015
A zero day vulnerability in Unity Web Player.
Read more »  Vulnerability test »
April 26, 2015
WordPress vulnerable to another comment XSS exploit identified by Klikki.
Read more »
April 14, 2015
Adobe released patches for two critical Flash vulnerabilities reported by Klikki: a "double free" bug and unrestricted video/audio recording on the target system.

Read more » Video demo »

April 8, 2015
Safari cross-domain vulnerability found by Klikki affects close to 1 billion mobile and desktop devices (iOS, OS X, Windows). Patches available now. Read more » Vulnerability test »
March 12, 2015
Five vulnerabilties, including a critical SQL injection, in WPML (sitepress-multilingual-cms) WordPress plug-in. Patch available. Updated March 13. Read more »
November 20, 2014
Critical WordPress security vulnerability discovered by Klikki Oy affects tens of millions of web sites:
Press release »  Technical advisory »  Vulnerability test »

Cyber security

Advisory archive

Customer references

  • Danske Bank
  • Balancion

Game development

Kiekko.tk  TyperA