Carousel Studio

Repurpose X Threads into LinkedIn & Instagram Carousels

Source Content

Post #1
impulsive
@weezerOSINT

every public Notion page is leaking the email addresses of everyone who edited it. zero authentication. no cookies. no tokens. one POST request returns full names, emails, and profile photos for every editor on the page. your company wiki is public? every employee's email is exposed. right now. reported in 2022. still works in 2026. like what is the point of even having a BBP thread

Post #2
impulsive
@weezerOSINT

notion's API returns editor UUIDs in the permissions of any public page. no auth needed. i hit their own Community page. got 13 user IDs from block permissions. fed them into /api/v3/syncRecordValuesMain. 12 emails back. notion employees, a production service account (svc-notion-prod@makenotion.com), and an external contractor. all from one page.

Post #3
impulsive
@weezerOSINT

notion pages are everywhere. company wikis, job boards, public docs, onboarding guides. google "site:notion.site" and you get thousands. every one of those pages is silently leaking editor emails to anyone who sends one unauthenticated API call. enterprise workspace with 500 employees sharing a public page? that's 500 corporate emails in a single request. no rate limiting. batch 50 users at a time. pair it with getLoginOptions (also zero auth) and you know which ones use passwords vs SSO. credential stuffing just got a free target list.

Post #4
impulsive
@weezerOSINT

the original report was filed on HackerOne. July 28, 2022. almost 4 years ago. notion triaged it as "informative." no fix. no CVE. no bounty. i independently found the same bug. reported it. marked duplicate. tested again today. still returns emails. same endpoint. same zero auth. if your team has a public notion page, your emails are exposed. check your sharing settings.

Post #5
impulsive
@weezerOSINT

this 11 billion dollar company made a business decision to leave customer PII exposed.

Post #6
impulsive
@weezerOSINT

@NotionHQ Just close your Bug Bounty Program

Post #7
impulsive
@weezerOSINT

https://x.com/weezerOSINT/status/2046018181064695971?s=20