private void fixBug(Bug bug) throws ConcussionException

{

while(bug.foundProblemCode() == false)

slamHeadAgainstWall();


while(bug.solvedProblem() == false)

slamHeadAgainstWall();


rejoice(new Beer());

fixBug(getNextBug());

}

 

Tweetdeck Chrome Extension XSS Vulnerability

Tweetdeck Chrome Extension XSS Vulnerability

PDFPrintEmail

User Rating: / 5
PoorBest 

AddThis Social Bookmark Button

Silly me.

I retweeted a funny tweet by @mikkohypponen at F-Secure about some javascript that had put in the X-VirusScan header of an email, and much to my surprise the javascript executed.

I tweeted the results of my discovery and Mikko had a hard time believing it, but after a couple of go arounds and some screenshots I was taken seriously.  Mikko notified the guys at Twitter and supposedly they have fixed it, but it still is working in my browser today.  Thus I discovered the 140 character, must retweet the message javascript XSS vuln in the Tweetdeck extension for Google Chrome ;)

Here is Mikko's blog entry over at F-Secure.

http://www.f-secure.com/weblog/archives/00002167.html

Back to work ;)

 

 

Comments (0)
Only registered users can write comments!