Breaking News

Micron Announces New 2600 NVMe SSD HighPoint Launches Next-Gen External PCIe Gen5 x16 Switching Adapter LG Display Begins Mass Production of Ultimate Gaming OLED Panel with 4th-Generation OLED Technology PlayStation Plus Monthly Games for July 2025 Samsung Releases Smart Monitor M9 With AI-Powered QD-OLED Display

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Twitter Resolves  "onMouseOver" Flaw

Twitter Resolves "onMouseOver" Flaw

Enterprise & IT Sep 22,2010 0

Twitter on Tuesday was notified of a security exploit which was immediately fixed. However, some time later a related issue came up tied to hovercards, which was also fixed. The security exploit that caused problems was caused by cross-site scripting (XSS). Cross-site scripting is the practice of placing code from an untrusted website into another one. In this case, users submitted javascript code as plain text into a Tweet that could be executed in the browser of another user.

Twitter discovered and patched this issue last month. However, a recent site update (unrelated to new Twitter) unknowingly resurfaced it.

Early on Tuesday, a Twitter user noticed the security hole and took advantage of it on Twitter.com. First, someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the Tweet. This is why folks are referring to this an "onMouseOver" flaw -- the exploit occurred when someone moused over a link.

Other users took this one step further and added code that caused people to retweet the original Tweet without their knowledge.

This exploit affected Twitter.com and did not impact the company's mobile web site or mobile applications. The vast majority of exploits related to this incident fell under the prank or promotional categories, Twitter said. Although users may still see strange retweets in their timelines caused by the exploit, the company is not aware of any issues related to it that would cause harm to computers or their accounts. Twitter says that there is no need to change passwords because user account information was not compromised through this exploit.

"We?re not only focused on quickly resolving exploits when they surface but also on identifying possible vulnerabilities beforehand. This issue is now resolved. We apologize to those who may have encountered it," Twitter added.

Tags: Twitter
Previous Post
BlackBerry Tablet Device May Launch Next Week
Next Post
Sony's Slim External BDX-S500U Blu-ray Burner Released in the United States

Related Posts

  • Elon Musk to Acquire Twitter

  • Twitter Marks President Trump's Tweet With Tag Warning About "Violence"

  • Twitter's New Settings Let You Choose Who Can Reply to Your Tweet

  • Twitter to Let Employees Work From Home For Ever

  • Twitter Launches Labels to Warn On Misleading COVID-19 Information

  • Twitter to Start Warning Users That Post Offensive Replies

  • Twitter Reports Small Revenue As Advertising Business Hit By Covid-19

  • Twitter to Make Data Available COVID-19 Tweets to Researchers

Latest News

Micron Announces New 2600 NVMe SSD
Enterprise & IT

Micron Announces New 2600 NVMe SSD

HighPoint Launches Next-Gen External PCIe Gen5 x16 Switching Adapter
Enterprise & IT

HighPoint Launches Next-Gen External PCIe Gen5 x16 Switching Adapter

LG Display Begins Mass Production of Ultimate Gaming OLED Panel with 4th-Generation OLED Technology
Enterprise & IT

LG Display Begins Mass Production of Ultimate Gaming OLED Panel with 4th-Generation OLED Technology

PlayStation Plus Monthly Games for July 2025
Gaming

PlayStation Plus Monthly Games for July 2025

Samsung Releases Smart Monitor M9 With AI-Powered QD-OLED Display
Enterprise & IT

Samsung Releases Smart Monitor M9 With AI-Powered QD-OLED Display

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

Arctic Liquid Freezer III 420 - 360

Arctic Liquid Freezer III 420 - 360

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Soundpeats Pop Clip

Soundpeats Pop Clip

Noctua NH-D15 G2

Noctua NH-D15 G2

Crucial T705 2TB NVME White

Crucial T705 2TB NVME White

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed