May 29, 2011

Cross-site scripting vulnerability in TweetDeck’s ChromeDeck

Chrome TweetDeck, the browser-based version of the Tweetdeck Twitter client, has been found to be suffering from a cross-site scripting vulnerability (XSS). It was discovered that the Chrome TweetDeck application, also known as ChromeDeck, would execute scripts placed within <script> tags in tweets (Twitter messages).
For example, the discoverers found that the text

<script>alert('Scanned')</script>


Solution is update the new version of Chrome TweetDeck.


No comments:

 

Sponsors

lusovps.com

Blogroll

About

 Please subscribe my blog.

 Old Subscribe

Share |