Monday, May 16, 2011

Twitter XSS

Twitter Help Center is again vulnerable to XSS

Note: This is a proof of concept and it doesn't reflect the views or interests of above website.
you don't need to be logged to execute it !

xss:
http://support.twitter.com/forms/render_account_partial?account_num=XSS


Redirect:
http://support.twitter.com/forms/render_account_partial?account_num=XSS


















Twitter staff has been alerted....

See also : Just another persistent Twitter XSS


Update: BUG FIXED !!! Twitter security team was very fast :)

No comments: