IE8 CSS-based forced tweeting
Scary Beasts Security
SEPTEMBER 29, 2010
A few weeks back, I published a demo that uses a serious Internet Explorer cross-origin violation to permit a malicious web page to force the visitor to make unwarranted tweets: [link] The post was light on technical details of how the attack works, so they will be filled in below. In addition, I'll quickly take care of the FAQ: Q) Does this attack affect earlier versions of Internet Explorer, such as IE6?
Let's personalize your content