Security Advisory

CVE-2013-5726

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-11-12 20:00:00

Last updated 2024-09-17 03:32:33

Assigner mitre

State PUBLISHED

Description

Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of (1) follow or (2) favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL.

← Browse all CVEs View on cve.org ↗