Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: New Facebook cross-site scripting vulnerabilities SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Facebook cross-site scripting vulnerabilities

From XXSed (http://www.xssed.com/news/80/New_highly_critical_Facebook_XSS_vulnerabilities_pose_serious_privacy_risks/) -

"Security researchers Zeitjak, David Wharton, Daimon and p3lo, have recently discovered XSS flaws that affect several Facebook functionalities including the developers page, new users registration page, iphone login page and applications page."

PoC links are on XXSed for anyone who is curious.

Toby

68 Posts
Dec 16th 2008

Sign Up for Free or Log In to start participating in the conversation!