Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New Facebook cross-site scripting vulnerabilities - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Facebook cross-site scripting vulnerabilities

From XXSed (http://www.xssed.com/news/80/New_highly_critical_Facebook_XSS_vulnerabilities_pose_serious_privacy_risks/) -

"Security researchers Zeitjak, David Wharton, Daimon and p3lo, have recently discovered XSS flaws that affect several Facebook functionalities including the developers page, new users registration page, iphone login page and applications page."

PoC links are on XXSed for anyone who is curious.

Toby

68 Posts

Sign Up for Free or Log In to start participating in the conversation!