Re: [CGUYS] Twitter vulnerable - unless you're using IE8

2009-09-10 Thread t.piwowar
On Sep 7, 2009, at 7:43 AM, Chris Dunford wrote: Security researcher Brian Mastenbrook uncovered a cross-site scripting vulnerability in Ruby on Rails and quickly had injected Javascript code running in Twitter. An advisory from the Ruby developers has already been issued, along with

[CGUYS] Twitter vulnerable - unless you're using IE8

2009-09-07 Thread Chris Dunford
I apologize in advance for the computer-related post. Security researcher Brian Mastenbrook uncovered a cross-site scripting vulnerability in Ruby on Rails and quickly had injected Javascript code running in Twitter. One surprise I discovered during the process was that IE8 includes a Cross

Re: [CGUYS] Twitter vulnerable - unless you're using IE8

2009-09-07 Thread Jeff Wright
But, how does it fare under the single payer attack? Have the other browsers mitigated the bitten finger exploit? -Original Message- I apologize in advance for the computer-related post. Security researcher Brian Mastenbrook uncovered a cross-site scripting vulnerability in Ruby