diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Sep242010

Cross-site Sscripting (XSS) Caused “onMouseOver” Incident On Twitter

On Twitter’s newly redesigned site, an old patched security hole resurfaced, and the majority related to this incident fell under the prank or promotional categories. “A user noticed the security hole and took advantage of it on Twitter.com. First, someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the Tweet. This’s why folks are referring to this an “onMouseOver” flaw — the exploit occurred when someone moused over a link.

In this case, users submitted javascript code as plain text into a Tweet that could be executed in the browser of another user.,” explains Twitter.

Though the current exploits are still mostly harmless in nature, this hole can easily be used to redirect Twitter users to sites containing malware. Twitter claimed to have fully patched the cross-site scripting exploit now.

[Source]

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!