Tuesday, May 17, 2011

Twitter Vulnerable to XSS

Twitter Help Center is again vulnerable to XSS
Note: This is a proof of concept and it doesn't reflect the views or interests of above website.
you don't need to be logged to execute it !

XSS:
http://support.twitter.com/forms/render_account_partial?account_num=XSS

Redirect:
http://support.twitter.com/forms/render_account_partial?account_num=XSS



Twitter staff has been alerted....
Update: BUG FIXED !!! Twitter security team was very fast :)


source : security-sh3ll

No comments: