Summary
The Facebook Translations tool’s search feature was vulnerable to a simple reflected XSS attack.
How did it work?
The Translations tool allows users to perform phrase searches inside translations. In this case, when a search query returned 0 results, the script displayed a message (“Your search for “YOUR PHRASE HERE” did not match any results.”) which contained unsanitized user input (the search query).
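The flaw described above comes down to output encoding. As an added example (not Facebook's code and not from the original post), this Python sketch renders the zero-results message with and without HTML escaping and checks whether the query introduced any markup; the template, function names and probe strings are assumptions constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Hypothetical template; the wording follows the message quoted above.
TEMPLATE = ('<div class="no-results">Your search for "{query}" '
            'did not match any results.</div>')


def render_vulnerable(query: str) -> str:
    """Reflects the raw query into the HTML response (the flawed pattern)."""
    return TEMPLATE.format(query=query)


def render_escaped(query: str) -> str:
    """Encodes the query for an HTML context before reflecting it."""
    return TEMPLATE.format(query=html.escape(query, quote=True))


class _TagCollector(HTMLParser):
    """Records every start tag an HTML parser sees in the response."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def injected_tags(rendered: str) -> list:
    """Returns the tags present beyond the template's own <div>."""
    collector = _TagCollector()
    collector.feed(rendered)
    collector.close()
    if collector.tags[:1] == ["div"]:
        return collector.tags[1:]
    return collector.tags


# Constructed probe inputs, suitable for a regression test.
PROBES = ["<script>alert(1)</script>", "<img src=x onerror=alert(1)>",
          "plain phrase"]

if __name__ == "__main__":
    for probe in PROBES:
        print(repr(probe),
              "raw:", injected_tags(render_vulnerable(probe)),
              "escaped:", injected_tags(render_escaped(probe)))
```

A check like `injected_tags` fits naturally into a regression suite for rarely touched pages, which are the ones most likely to miss framework-level escaping.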
Why is this important?
- The XSS vulnerability was on Facebook.com. An attacker could have used it to access or alter data on people’s accounts.
- Despite Facebook’s claims that they’ve eliminated XSS vulnerabilities, it’s clear that some portions of the site are better protected than others (i.e., Translations was likely not using XHP). Lesser-used portions of the site, like the Translations tool, are often the most vulnerable since they’re not updated as often or tested as frequently.
More Information
I want to thank Facebook for responding to my report and fixing the vulnerability in a timely manner. I especially want to thank them for their support of responsible disclosure and their general policy toward whitehat security researchers.
News Source : nealpoole