Will Twitter API be issuing a statement or blog post related to the Cover Redirect Vulnerability?:
This is focused on OAuth2 (and OpenID) and I know that Twitter API uses OAuth 1.0A as it’s primary means of authorization. However, I’m most curious about Application-Only authorization. Are Twitter API apps secure? Under what conditions? Are there any actions in particular that we should take to avoid the vulnerability?