<script>alert("your instance isn't sanitizing its inputs correctly!")</script>
@Felthry @IceWolf there was actually a tweetdeck exploit a while ago that did a very similar thing except the javascript located its own script tag, went up a couple parent elements to find the tweet itself, then simulated a click on the retweet button. just viewing the tweet in tweetdeck would cause it to retweet itself
iirc it got retweeted by the official BBC news account
@Felthry
Thanks, Bobby Tables!
@Felthry If I were on something with HTML input I'd do this as HTML. :3