Month of Twitter Bugs - TwitIQ suffered from cross site request forgery and cross site scripting vulnerabilities.
7be0a3d4416f7ed804c7757415cbe4c24a6a94509775e3e29239d0d9ad6f8390Friday, July 10, 2009
MoTB #10: CSRF+XSS vulnerabilities in Twitiq
What is Twitiq
"TwitIQ is an enhanced Twitter interface that provides insight into your Twitter stream and Twitter followers." (Twitiq home page)
Twitter effect
Twitiq can be used to send tweets, direct messages and follow/unfollow other Twitter users. Twitiq is using Username/Password authentication in order to utilize the Twitter API.
Popularity rate
A new 3rd party service, which already gained 5K unique visitors per month (according to Compete)
Vulnerability: Cross-Site Request Forgery and Cross-Site Scripting in jsonp.php.
Status: Patched.
Details: The Twitiq jsonp.php web page did not use authenticity code in order to validate that the HTTP post is coming from the Twitiq web application. Also, the jsonp.php did not encode HTML entities in the "jcb" variable.
Both vulnerabilities could have been used by an attacker to automatically send tweets, direct messages or follow/unfollow other twitter users on behalf of it's victims.
Proof of Concept: http://www.twitiq.com/jsonp.php?jcb=%3Cscript%3Ealert("xss")%3C%2Fscript%3E&action_jsonp=new_status&status=CSRF
Vendor response rate
The vulnerabilities were fixed within 1 hour after they have been reported.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed