CVE-2013-5726
Tweetbot 1.3.3 for Mac and 2.8.5 for iPad/iPhone expose a vulnerability via the tweetbot:/// URL scheme that does not require user confirmation for follow or favorite actions. This design allows remote attackers to trigger actions on behalf of the user without prompts, effectively forcing undesir...