Arbitrary code execution facts for kids
In computer security, Arbitrary Code Execution is something that allows executing code without permission. A good example is cross-site scripting (XSS) attacks which inject client-side scripts into a webpage such as the self-retweeting tweet on TweetDeck.
TweetDeck vulnerability
On June 11, 2014, user @derGeruhn tweeted:
<script class="xss">$('.xss').parents().eq(1).find('a).eq(1).click();$('[data-action=retweet]').click();alert('XSS in Tweetdeck')</script>♥Everyone who saw the tweet retweeted it automatically. It also displayed an alert saying "XSS in Tweetdeck". Because TweetDeck didn't have any precautionary measures, it only worked for TweetDeck users and the code was only showed and executed for them. The only thing Twitter users saw was the heart. It got 83 thousand retweets before it was fixed.
See also
In Spanish: Ejecución arbitraria de código para niños
All content from Kiddle encyclopedia articles (including the article images and facts) can be freely used under Attribution-ShareAlike license, unless stated otherwise. Cite this article:
Arbitrary code execution Facts for Kids. Kiddle Encyclopedia.