The TweetDeck, it is one tool του Twitter για τη διαχείριση της λήψης και αποστολής μηνυμάτων 140 χαρακτήρων. Η service was found to have an XSS (cross-site scripting) vulnerability and allows attacks which cause warning dialogs to pop up on clients.
Cross-site scripting vulnerability is one type injection with malicious content that can be performed on a web application by making it use data from an attacker without validating the code.
In some cases, of course, the problem is very serious, as the messages (some of them are very obscene) are retweeted over and over again. A message coming from the "@derGeruhn" account was automatically retweeted over 35.000 times.
[tweet_embed id = 476764918763749376]
Vulnerability appears to have affected only the TweetDeck service as the web interface and other applications using the Twitter API function normally.
When malicious messages didn't stop due to the vulnerability, TweetDeck went temporarily offline for a period of time. The services of TweetDeck are currently working without any problems.