TweetDeck was down for about an hour Wednesday while the company was fixing a vulnerability allowing cross site scripting attacks (XSS) that caused a tweet with some code and a little heart in it to be retweeted over and over.
The script in the tweet was being rendered as code in users’ browsers. Attackers could execute code (like making an account automatically retweet) on anyone’s computer just by tweeting it out.
From there, other Twitter users started using the technique. TweetDeck shut down its service while it made the security fixes necessary to fix the bug.