Tuesday, September 7, 2010

New Twitter XSS vulnerability

Twitter XSS vulnerability on http://dev.twitter.com/apps/

When you sign up for application, you can authorize some domains. Then, instead of adding domains, you add some malicious code into the form.

I found it today and reported it to twitter. 


No comments:

Post a Comment