Twitter Cross-Site Scripting Bug Still There

Kara Reeder

Software developer James Slater says Twitter has yet to fix a cross-site scripting bug he disclosed yesterday, reports Computerworld. The vulnerability allows criminals to hijack accounts or redirect users to malicious Web sites. You don't even have to click on anything to be affected, says Slater.

"Simply by seeing one of these [malformed] tweets, code can be run inside your browser impersonating you and doing anything that your browser can do."

Until the bug is patched, Slater recommends that users ditch any followers they don't personally know or trust.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data