search

Twitter mouseover exploit

Watch out for masked tweets in the web version of twitter:

The exploit seems to take advantage of the ampersand in url’s to inject scripts into the clickable tweet thus opening up dom doom.

http://www.sophos.com/blogs/gc/g/2010/09/21/twitter-onmouseover-security-flaw-widely-exploited/

Tuesday Sep 21st

Following

  • funniest10k
  • the-absolute-funniest-posts
  • mikelernerphotography
  • attentionindustry
  • tastefullyoffensive
  • evangotlib
  • infoneer-pulse
  • merlin
  • poplipps
  • cavalier
  • redshooter
  • frezned
  • amyvernon
  • minimalistco
  • theclearlydope
  • deviantart
  • yagottabelieve
  • mashable
  • poptech
  • gregbabula
  • john
  • teaim
  • despicablealexis
  • purple-lightsaber
  • toptumbles
  • hellonewyork
  • nonprofit-design
  • plus5mace
  • wantful
  • pixel2html
  • adobegripes
  • kimjongillookingatthings
  • tuneage
  • mikehudack
  • sirmitchell
  • officialbeastieboys
  • wondertonic
  • jordanwaller
  • badassjs
  • iiiil0liiii
  • fuzzythinking
  • manxmidge
  • rosskempfolds
  • londonelek
  • bigpinots
  • hoveringartdirectors