Twitter jumps to block XSS worm in Tweetdeck

JMH · Jun 12, 2014

The Twitters were a twitting this morning over a newly discovered cross-site scripting (XSS) flaw in the popular Tweetdeck software owned by Twitter itself. What is cross-site scripting? Often abbreviated XSS it is a flaw in a web site that allows for the injection of client-side script code by unauthorized users.
In this example it meant that Twitter users could inject script code into a tweet that would take advantage of the Tweetdeck bug and execute code inside the browser of Tweetdeck users.

Twitter jumps to block XSS worm in Tweetdeck | Naked Security

Search

Search

Twitter jumps to block XSS worm in Tweetdeck

JMH

Emeritus, Contributor