How The Self-Retweeting Tweet Worked: Cross-Site Scripting (XSS) and Twitter
Tom Scott 6:17
2,366,125 views · 74,807 likes
http://tomscott.com - http://twitter.com/tomscott - It should never have happened. Defending against cross-site scripting (XSS) attacks is Web Security 101. And yet, today, there was a self-retweeting tweet that hit a heck of a lot of people - anyone using Tweetdeck, Twitter's "professional" client. How did it work? Time to break down the code. (Remember the old Myspace worms? They worked the same way.)
THE SELF-RETWEETING TWEET: https://twitter.com/derGeruhn/status/476764918763749376
Category (YouTube): Education