So someone started a re-tweet XSS worm on Twitter. They were able to inject a span element carrying an “onmouseover” event handler, so the post is re-tweeted as soon as a reader hovers over it. Twitter has “patched” it, but I still see lots of folks trying to prove them wrong.
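To make the defect class concrete, here is an added example (not Twitter’s code and not part of the original post): a minimal tweet renderer that concatenates user text straight into markup, beside the hardened version that HTML-escapes every untrusted value first, plus a small check for inline event-handler attributes that is handy as a regression test. The tweet text is constructed to mirror the shape described above (a span with an onmouseover attribute); the handler body is a placeholder.

```javascript
// Added example: vulnerable tweet rendering beside the hardened form.
// Not Twitter's code; the sample tweet below is constructed.

// Escape a string for insertion into an HTML text or attribute context.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable: the tweet body is concatenated directly into the markup,
// so any tag or attribute in the text becomes live HTML.
function renderTweetUnsafe(author, text) {
  return `<div class="tweet"><b>${author}</b>: ${text}</div>`;
}

// Hardened: every untrusted value is escaped before it reaches the markup.
// The span still shows up on screen, but as literal text, not as an element.
function renderTweetSafe(author, text) {
  return `<div class="tweet"><b>${escapeHtml(author)}</b>: ${escapeHtml(text)}</div>`;
}

// Detection aid: does the rendered markup contain an inline event-handler
// attribute (onmouseover, onclick, ...) inside a tag? Useful as a test
// oracle or for scanning stored content; it is not a substitute for escaping.
const INLINE_HANDLER = /<[^>]*\son[a-z]+\s*=/i;

function containsInlineHandler(html) {
  return INLINE_HANDLER.test(html);
}

// Constructed sample tweet: a span carrying an onmouseover attribute with a
// placeholder handler body (hypothetical input, not the real worm payload).
const SAMPLE_TWEET = '<span onmouseover="/* handler */">hover me</span>';

// Run stand-alone to see both renderings side by side.
if (typeof require !== "undefined" && require.main === module) {
  console.log("unsafe:", renderTweetUnsafe("alice", SAMPLE_TWEET));
  console.log("safe:  ", renderTweetSafe("alice", SAMPLE_TWEET));
  console.log("unsafe has handler:", containsInlineHandler(renderTweetUnsafe("alice", SAMPLE_TWEET)));
  console.log("safe has handler:  ", containsInlineHandler(renderTweetSafe("alice", SAMPLE_TWEET)));
}
```

The regex check is deliberately crude; the real fix is the context-appropriate encoding in renderTweetSafe, and in a browser you would reach the same result by assigning untrusted text via textContent rather than innerHTML.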
There’s some better analysis of the whole thing on Zscaler, including the following JavaScript payload: