CSRF vulnerability allows Twitter ‘follow’ abuse
September 11, 2008 – 5:53 AM
Last week, TechCrunch’s Jason Kincaid wrote about an obvious Twitter vulnerability that allowed a user called “johng77536” to game the popular micro-blogging service to add thousands of followers (subscribers) in a short period of time.
The “johng77536” account has since been disabled, but a security researcher tracking Twitter security flaws and weaknesses has discovered a new vulnerability that lets users easily game the “follow” system.
Aviv Raff has launched a new Web site called TwitPwn.com with basic details of his discovery.