TweetDeck patches XSS vulnerability after rampant pop-up spam

tweetdeck

If you saw strange pop-up messages in TweetDeck this morning, you weren’t alone. It wasn’t the work of the Syrian Electronic Army, just some relatively harmless XSS exploitation.

The vulnerability allowed hackers to remotely execute code, specifically in TweetDeck’s Chrome app, though the exploit was spotted in other TweetDeck versions. (The Mac app was reportedly not affected.)

Some 40,000 Twitter accounts also unwittingly retweeted a string of code from a My Little Pony account, thought to be the result of the same vulnerability.

TweetDeck parent Twitter hasn’t said what the issue was, but shortly after the pop-ups started spreading like wildfire, TweetDeck announced the vulnerability had been patched. Many Twitter users also use TweetDeck to schedule and manage posts for multiple accounts.

After you log out of TweetDeck, make sure to clear your cache and delete any accidental retweets that may have hit your account.

This story, "TweetDeck patches XSS vulnerability after rampant pop-up spam" was originally published by TechHive.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.