Birdwatch Note
2023-12-11 17:51:10 UTC - MISINFORMED_OR_POTENTIALLY_MISLEADING
According to OWASP, HTML Injection can allow arbitrary JavaScript code execution via event handlers. However, this rests on the assumption that CS2 both embeds a JS interpreter and that it has access to dangerous functions and/or private user data. More research is required. https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection
Written by 1291E231A6AC586136867F57203011C182FFE83DC232FCD6D0370D9D9309C8D2
Participant Details
Original Tweet
Tweet embedding is no longer reliably available, due to the platform's instability (in terms of both technology and policy). If the Tweet still exists, you can view it here: https://twitter.com/foo_bar/status/1734203656856342637
Please note, though, that you may need to have your own Twitter account to access that page. I am currently exploring options for archiving Tweet data in a post-API context.
All Information
- ID - 1734269609396539558
- noteId - 1734269609396539558
- participantId -
- noteAuthorParticipantId - 1291E231A6AC586136867F57203011C182FFE83DC232FCD6D0370D9D9309C8D2 Participant Details
- createdAtMillis - 1702317070708
- tweetId - 1734203656856342637
- classification - MISINFORMED_OR_POTENTIALLY_MISLEADING
- believable -
- harmful -
- validationDifficulty -
- misleadingOther - 0
- misleadingFactualError - 0
- misleadingManipulatedMedia - 0
- misleadingOutdatedInformation - 0
- misleadingMissingImportantContext - 1
- misleadingUnverifiedClaimAsFact - 1
- misleadingSatire - 0
- notMisleadingOther - 0
- notMisleadingFactuallyCorrect - 0
- notMisleadingOutdatedButNotWhenWritten - 0
- notMisleadingClearlySatire - 0
- notMisleadingPersonalOpinion - 0
- trustworthySources - 1
- summary
- According to OWASP, HTML Injection can allow arbitrary JavaScript code execution via event handlers. However, this rests on the assumption that CS2 both embeds a JS interpreter and that it has access to dangerous functions and/or private user data. More research is required. https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection
Note Status History
| createdAt | timestampMillisOfFirstNonNMRStatus | firstNonNMRStatus | timestampMillisOfCurrentStatus | currentStatus | timestampMillisOfLatestNonNMRStatus | mostRecentNonNMRStatus | participantId |
| 2023-12-11 17:51:10 UTC (1702317070708) |
2023-12-11 23:28:51 UTC (1702337331711) |
CURRENTLY_RATED_HELPFUL | 2023-12-12 03:28:18 UTC (1702351698848) |
NEEDS_MORE_RATINGS | 2023-12-11 23:28:51 UTC (1702337331711) |
CURRENTLY_RATED_HELPFUL |
Note Ratings
| rated at | rated by | |
| 2023-12-11 15:26:21 -0600 | Rating Details | |
| 2023-12-11 14:37:56 -0600 | Rating Details | |
| 2023-12-11 14:30:38 -0600 | Rating Details | |
| 2023-12-11 14:23:23 -0600 | Rating Details | |
| 2023-12-11 13:10:37 -0600 | Rating Details | |
| 2023-12-11 12:33:32 -0600 | Rating Details | |
| 2023-12-11 12:11:32 -0600 | Rating Details | |
| 2023-12-11 11:59:41 -0600 | Rating Details | |
| 2023-12-11 11:59:06 -0600 | Rating Details | |
| 2023-12-12 06:41:44 -0600 | Rating Details | |
| 2023-12-12 04:04:29 -0600 | Rating Details | |
| 2023-12-12 04:02:34 -0600 | Rating Details | |
| 2023-12-12 01:20:14 -0600 | Rating Details | |
| 2023-12-12 01:14:50 -0600 | Rating Details | |
| 2023-12-12 00:37:03 -0600 | Rating Details | |
| 2023-12-11 23:31:40 -0600 | Rating Details | |
| 2023-12-11 18:14:41 -0600 | Rating Details |