On 28th September 2012, I found a Cross-Site Request Forgery vulnerability on http://translate.twttr.com which is the Twitter Translation Center. While checking the service I landed up on the "Accounts Settings" page which looked like this. So we've two options here, first one toggles the Twitter Badge setting on Twitter.com and second one toggles the badge related notification. POST request ...
Updated 10-20-2012 at 11:20 AM by prakhar