Vulnerabilities (CVE)

Filtered by vendor Tapbots Subscribe
Filtered by product Tweetbot
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-5726 1 Tapbots 1 Tweetbot 2024-02-28 6.8 MEDIUM N/A
Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of (1) follow or (2) favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL.