Sounds like a CVE to me.https://twitter.com/wdormann/status/953651214532726789 …
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
There's no privilege escalation going on here, so no CVE. Had I thought that it were a vulnerability, I would have sent Apple an encrypted email notifying them about it. It's simply an odd behavior that seems to go against what the UI implies ("Click the lock to make changes").
Oh I see. I misunderstood then.
Try to get a CVE, Will. Last time I checked you were only in 3rd place for most vuls discovered in history. Unless we count Android SSL.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.