The TweetDeck, is a Twitter tool for managing download and Missions messages of 140 characters. THE service was found to have an XSS (cross-site scripting) vulnerability and allows attacks that cause warning dialogs to pop up on clients.
Cross-site scripting vulnerability is a type of malicious content injection that can be performed on an online application by using data from an attacker without validating the code.
In some cases, of course problem it is very serious as the messages (some of them are very obscene) are retweeted again and again. A message, originating from the account “@derGeruhn” was automatically retweeted over 35.000 times.
[tweet_embed id = 476764918763749376]
The vulnerability appears to have only affected the TweetDeck service as well as the web interface and other apps that use the Twitter API work normally.
When malicious messages did not stop due to vulnerability, TweetDeck temporarily offline offline for a while. TweetDeck's services are now working without any problems.