Just another persistent Twitter XSS
Written by DP
Monday, 19 July 2010
*UPDATED 20 Jul 2010 : 10:39pm* - A mirror of the now corrected vulnerability has been published. Also, read on an excellent technical blog post by Billy (BK) Rios about another Twitter XSS bug...
Romanian security researcher "d3v1l" from Security-Sh3ll, has notified us just a few minutes ago about a persistent cross-site scripting (XSS) vulnerability that he discovered on Twitter's help center. He has already tweeted about it too:
This is the second Twitter persistent XSS reported within a month and requires the victim to log in the account. More specifically, the simple XSS attack vector works due to improper input validation of a parameter within the "comment-body" section of the help center:
Millions of Twitter users are exposed to potentially malicious attacks that degrade their privacy and security levels; and Twitter has not yet corrected the issue nor was aware about it - maybe all help center web pages have successfully passed the code security review process or such a process never existed, who knows? They know! :)
It is only a matter of few minutes or hours before they apply a code "patch".
Screenshot of persistent Twitter XSS:
Twitter Related News on XSSed:
"Persistent XSS vulnerability affecting Twitter promptly corrected" - 27 Jun 2010 - DP
"17-year-old promoted his website on Twitter with harmless XSS worm" - 15 Apr 2009 - DP