漏洞标题
N/A
漏洞描述信息
通过 ec83d01,Twitter推荐算法允许攻击者通过安排多个Twitter账户协调针对目标账户的负面信号(例如删除关注、 muting、屏蔽和报告),在2023年3月和4月在野外被成功利用。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023. NOTE: Vendor states that allowing users to unfollow, mute, block, and report tweets and accounts and the impact of these negative engagements on Twitter’s ranking algorithm is a conscious design decision, rather than a security vulnerability.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Twitter Recommendation Algorithm 安全漏洞
漏洞描述信息
Twitter Recommendation Algorithm是美国Twitter开源的一个 Twitter 推荐算法。 Twitter Recommendation Algorithm ec83d01及之前版本存在安全漏洞,该漏洞源于允许攻击者通过安排多个 Twitter 帐户协调有关目标帐户的负面信号(例如取消关注、静音、阻止和报告)来造成拒绝服务(降低信誉评分)。
CVSS信息
N/A
漏洞类别
其他