Critical Cross-Site Scripting Vulnerability Hits Twitter
As far as security is concerned, Twitter has been having a bad time over the past few months. There have been innumerable incidents of Twitter malware and scripting vulnerabilities, besides the infamous TwitterGate incident. James Slater has uncovered another serious Cross-Site Scripting vulnerability in Twitter which can allow hackers to gain control of your account simply because you viewed their tweets.
You can find the details about the exploit here (or just watch the video embedded above). In plain and simple terms, the problem is that Twitter allows developers using its API to put whatever they want in the application link (the link that automatically identifies your Twitter client). According to Slater, Twitter is aware of this exploit but has yet to fix the issue.
This exploit is really scary, since viewing the malicious tweet is sufficient for the hacker to steal your login information. If you are not logged into Twitter, or are using a 3rd party Twitter client, you should be safe. Hence, until Twitter goes ahead and fixes this vulnerability, don't tweet from Twitter's web interface.
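
An added example, not code from the original post or from Twitter: one way a page can render a developer-supplied application link safely, shown beside the naive concatenation that makes this class of bug possible. The `name` and `url` field names and the sample registrations are assumptions constructed for illustration.

```javascript
// Added example: field names (name, url) are assumptions, not Twitter's API schema.

// Encode the five characters that can break out of HTML text or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  }[ch]));
}

// Accept only absolute http(s) URLs; anything else (javascript:, data:, junk) is rejected.
function safeHttpUrl(value) {
  try {
    const u = new URL(String(value));
    return (u.protocol === "http:" || u.protocol === "https:") ? u.href : null;
  } catch (_) {
    return null;
  }
}

// Vulnerable pattern: developer-supplied values concatenated straight into markup.
function renderSourceNaive(app) {
  return 'from <a href="' + app.url + '">' + app.name + "</a>";
}

// Hardened: validate the URL, then encode both values for their HTML context.
function renderSourceSafe(app) {
  const name = escapeHtml(app.name);
  const url = safeHttpUrl(app.url);
  if (url === null) return "from " + name; // drop the link, keep the label as text
  return 'from <a href="' + escapeHtml(url) + '" rel="nofollow noopener">' + name + "</a>";
}

// Constructed sample registrations (not taken from the real incident).
const samples = [
  { name: "ExampleClient", url: "https://client.example/" },
  { name: "<b>Bold</b>", url: 'https://client.example/"><script>alert(1)</script>' },
  { name: "Client", url: "javascript:alert(1)" },
];

for (const app of samples) {
  console.log("naive:", renderSourceNaive(app));
  console.log("safe: ", renderSourceSafe(app));
}
```

Escaping at render time and allowlisting the URL scheme are independent checks: the first stops markup from breaking out of the attribute or link text, the second stops a well-formed but script-bearing URL from being clickable.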
