Tuesday, September 7, 2010

New Twitter XSS vulnerability


Twitter XSS vulnerability on http://dev.twitter.com/apps/

When you sign up for application, you can authorize some domains. Then, instead of adding domains, you add some malicious code into the form.


I found it today and reported it to twitter. 

 


No comments:

Post a Comment