Function(mathematics) Ext. Prefect | Jun 24, 2010 | 15 comments Twitter user 0wn3d_5ys has demonstrated a persistent cross site scripting (XSS) vulnerability on Twitter he found on June 21st using his own Twitter account (visit at your own risk) that appears to be due to a lack of input validation of the application name field when accepting new requests for Twitter applications.
Visiting his account on Twitter results in a pair of classic cross site scripting alert boxes, then your browser is manipulated, finally you enter the matrix (see below), and get messages from the researcher who found the vulnerability. Initial result of visiting the affected Twitter profile. Alert box one. Alert box 2. 45 Powerful CSS/JavaScript-Techniques - Smashing Magazine. Advertisement CSS and JavaScript are extremely powerful tools for designers and developers.
However, sometimes it’s difficult to come up with the one excellent idea that would solve a problem that you are facing right now.