How Yesterday’s Huge TweetDeck Vulnerability Happened


If you use TweetDeck in any capacity, you’re probably aware of a nasty little bug that was running rampant around TweetDeck’s hallowed columns yesterday afternoon. But what, exactly, was causing all the retweeted trouble? Computerphile’s Tom Scott breaks it down.

It all has to do with cross-site scripting, a vulnerability that allows hackers to inject client-side script into web pages viewed by other users. Normally, sites employ a filter to stop any user-written script from affecting a web page, but there was one little bitty part of that now notorious tweet that was able to plow through TweetDeck’s defences: the emoji heart.


TweetDeck just started supporting emoji a few days ago, and apparently, it still hadn’t quite worked out all the kinks. If the heart hadn’t been there, TweetDeck would have processed the tweet safely and none of this would have ever happened. Let’s just be grateful that “andy” didn’t take the opportunity to do some real damage.
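The failure mode described above, as an added example that is not TweetDeck's code: a renderer that escapes ordinary tweets but returns unescaped markup on the emoji path, beside a hardened version that always escapes first. The function names, the image path and the sample tweets are constructed for illustration, and the emoji-to-image step is an assumed, simplified model of the behaviour.

```javascript
// Illustrative model only: names and the emoji-to-<img> step are assumptions,
// not TweetDeck's implementation.
const HEART = "\u2665";

// Encode the characters that let text break out into markup.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Replace the heart with an image tag; the result is markup, not plain text.
function emojiToImg(s) {
  return s.split(HEART).join('<img class="emoji" alt="heart" src="/emoji/2665.png">');
}

// Flawed renderer: tweets without emoji are escaped, but the emoji branch
// returns markup built from the raw, unescaped tweet text.
function renderVulnerable(tweet) {
  if (tweet.includes(HEART)) {
    return emojiToImg(tweet);
  }
  return escapeHtml(tweet);
}

// Hardened renderer: escape unconditionally, then add only markup we generate.
function renderHardened(tweet) {
  return emojiToImg(escapeHtml(tweet));
}

// Constructed sample tweets: identical markup, with and without the heart.
const samples = ["<script>demo()</script>", "<script>demo()</script>" + HEART];
for (const s of samples) {
  console.log(JSON.stringify({
    input: s,
    vulnerable: renderVulnerable(s),
    hardened: renderHardened(s),
  }));
}
```

Only the sample containing the heart comes out of `renderVulnerable` with a live `<script>` tag; `renderHardened` encodes the tag in both cases and still emits the emoji image.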

