Twitter fixed bug could have exposed Direct Messages to third-party apps
Security Affairs
DECEMBER 16, 2018
Researcher Terence Eden discovered that the permissions dialog when authorizing certain apps to Twitter could expose direct messages to the third-party. The flaw is triggered when apps that require a PIN to complete the authorization process instead of the using the OAuth protocol. The expert discovered that some permissions such as that to access direct messages, remained hidden to the Twitter user.
Let's personalize your content