|
Written by Octra Bond
|
|
Wednesday, 22 September 2010 00:12 |
|
Moments ago, I had found that someone's tweet looked odd; I had seen a color band in place of his usual message. When I had checked HTML code, I had also found that its code was strange. I understood later that it might be a decoration trick. But consequently, I realized that any script might be also inserted by this trick. This was a big security bug (but easy to solve I know). Not long after that, such script caused problem all over Twitverse: one wrote a script which could exploit by retweeting; one's retweet would continuously infect his friends in the same way, like a worm. The script disturbed common usage on standard-theme web site. It also blocked entire web site with cursor event; anyone would also be infected when he moved mouse cursor on it. Even CNN reported this infection as XSS (but it was actually not XSS because it was from user's script.) At this time, the problem is already solved.
|
