Hi,

I've updated the module from an old version.

In my site, users are able to post content on twitter (they have to select the option on edit/create form). After the update, on the same form, a new select has appeared. In this select there is a list with all the twitter accounts connected on the site, and users can select an account and post on this twitter account.
For example, I'm connected with the account @dromansab, and I able to post on @example twitter account...

It is a brutal security hole.. How can I disable it?

Thanks!

Comments

dgeo’s picture

dgeo commented
Issue summary: View changes
Status: Active » Closed (duplicate)

Already discussed here: #1970498: Permission to post on others status