The Diaspora team pushed out an early Developer Release of their source code on Wednesday to open source hosting site GitHub, with ample warnings about security holes and other bugs in the code. The code includes a dangerous sounding Cross Site Scripting hole in the user commenting system and a session poisoning vulnerability. Some developers are already calling for a restart, arguing that the project, as currently envisioned, will never achieve the project s goal of providing social networking platform that attracts users and protects privacy.
Source: https://threatpost.com/bug-count-just-one-problem-facebook-foe-diaspora-091710/74486/