AddThis Social Bookmark Button

Most Read!


Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/rjacksix/dc406.com/modules/mod_mostread/helper.php on line 79

l337 Reading

Tweetdeck Chrome Extension XSS Vulnerability

Tweetdeck Chrome Extension XSS Vulnerability

PDFPrintEmail

User Rating: / 1
PoorBest 

AddThis Social Bookmark Button

Silly me.

I retweeted a funny tweet by @mikkohypponen at F-Secure about some javascript that had put in the X-VirusScan header of an email, and much to my surprise the javascript executed.

I tweeted the results of my discovery and Mikko had a hard time believing it, but after a couple of go arounds and some screenshots I was taken seriously.  Mikko notified the guys at Twitter and supposedly they have fixed it, but it still is working in my browser today.  Thus I discovered the 140 character, must retweet the message javascript XSS vuln in the Tweetdeck extension for Google Chrome ;)

Here is Mikko's blog entry over at F-Secure.

http://www.f-secure.com/weblog/archives/00002167.html

Back to work ;)

 

 

Comments (0)
Only registered users can write comments!