As stated by mashable on their post
A new Twitter security flaw has been widely exploited on thousands of Twitter accounts, redirecting users to third-party websites without their consent.
The bug is particularly nasty because it works on mouseover only, meaning pop-ups and third-party websites can open even if you just move your mouse over the offending link.
The flaw uses a JavaScript function called onMouseOver which creates an event when the mouse is passed over a chunk of text. We’ve seen the flaw being abused to launch simple pop-up windows, redirect users elsewhere (including porn sites), and we’ve also seen it used in combination with blocks of color, covering the true “intention” of the tweet.
Filed under: General
Trackback Uri