mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 10:41:43 +00:00
19 lines
1.1 KiB
Markdown
19 lines
1.1 KiB
Markdown
|
### [CVE-2023-29218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29218)
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
### Description
|
|||
|
|
|
|||
|
|
** DISPUTED ** The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023. NOTE: Vendor states that allowing users to unfollow, mute, block, and report tweets and accounts and the impact of these negative engagements on Twitter’s ranking algorithm is a conscious design decision, rather than a security vulnerability.
|
|||
|
|
|
|||
|
|
### POC
|
|||
|
|
|
|||
|
|
#### Reference
|
|||
|
|
No PoCs from references.
|
|||
|
|
|
|||
|
|
#### Github
|
|||
|
|
- https://github.com/ARPSyndicate/cvemon
|
|||
|
|
- https://github.com/igorbrigadir/awesome-twitter-algo
|
|||
|
|
|