{"id":5076,"date":"2014-06-11T15:38:06","date_gmt":"2014-06-11T19:38:06","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/?p=5076"},"modified":"2021-03-02T04:15:57","modified_gmt":"2021-03-01T17:15:57","slug":"serious_vulnerability_tweetdeck","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/serious_vulnerability_tweetdeck\/5076\/","title":{"rendered":"Serious Vulnerability in TweetDeck, Revoke Access Immediately"},"content":{"rendered":"<p><strong>UPDATE:<\/strong><em> Twitter has provided a fix for the XSS vulnerability in its TweetDeck application referenced in this article. <\/em><\/p>\n<p>Twitter has suspended services on its own Twitter application,\u00a0TweetDeck, after a serious cross site scripting vulnerability emerged and was exploited by attackers on a grand scale.<\/p>\n<p>According to Mike Mimoso of\u00a0<a href=\"https:\/\/threatpost.com\/tweetdeck-taken-down-in-wake-of-xss-attacks\/106597\" target=\"_blank\" rel=\"noopener nofollow\">Threatpost<\/a>, cross-site scripting occurs when attackers are able to inject code into webpages or web-based services that can automatically be executed by a user\u2019s browser. Hackers successfully executing a cross-site scripting attack can remotely inject code, leading to data loss or service interruption.<\/p>\n<p><\/p><blockquote class=\"twitter-pullquote\"><p>Serious vulnerability in\u00a0TweetDeck. Users should revoke access ASAP<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F61Yg&amp;text=Serious+vulnerability+in%C2%A0TweetDeck.+Users+should+revoke+access+ASAP\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote><br>\nSpecifically in the case of\u00a0TweetDeck,\u00a0an attacker could take over a user\u2019s account, post or delete tweets or deface the account. Exploit code was tweeted throughout the morning, and automatically retweeted tens of thousands of times.\n<p>\u201cThis vulnerability very specifically renders a tweet as code in the browser, allowing various cross site scripting (XSS) attacks to be run by simply viewing a tweet,\u201d Trey Ford, global security strategist at Rapid7 told\u00a0Threatpost. \u201cThe current attack we\u2019re seeing is a \u2018worm\u2019 that self-replicates by creating malicious tweets. It looks like this primarily affects users of the\u00a0Tweetdeck\u00a0plugin for Google Chrome.\u201d<\/p>\n<p>We recommend logging into your Twitter account\u00a0if you use\u00a0TweetDeck and revoking access\u00a0to\u00a0immediately.<\/p>\n<p>Below is a video demonstrating exactly how to do that, except you\u2019ll need to pretend that the iOS 5 app is\u00a0TweetDeck, because\u00a0the account on which the video was produced does not\u00a0have TweetDeck installed.<br>\n[youtube\u00a0https:\/\/www.youtube.com\/watch?v=DIqC23tdEMk&amp;feature=youtu.be]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A serious cross site scripting vulnerability was discovered in the popular Twitter application TweetDeck today. Users should revoke access to that app on Twitter as soon as possible.<\/p>\n","protected":false},"author":42,"featured_media":5078,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[702,83,640,701],"class_list":{"0":"post-5076","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-tweetdeck","9":"tag-twitter","10":"tag-vulnerability","11":"tag-xss"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/serious_vulnerability_tweetdeck\/5076\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/serious_vulnerability_tweetdeck\/3598\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/serious_vulnerability_tweetdeck\/3934\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/serious_vulnerability_tweetdeck\/5076\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/serious_vulnerability_tweetdeck\/3904\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/serious_vulnerability_tweetdeck\/5076\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/tweetdeck\/","name":"tweetdeck"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/5076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=5076"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/5076\/revisions"}],"predecessor-version":[{"id":28940,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/5076\/revisions\/28940"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/5078"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=5076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=5076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=5076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}