Facebook Vulnerability - Beware of H5N1 New XSS on Facebook !
Url : https://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt=%3Cscript%3Ealert%281
%29%3C/script%3E
Url : https://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt=%3Cscript%3Ealert%281
%29%3C/script%3E
New Cross-site scripting vulnerability has been detected on Facebook as well as widely exploited inwards the mobile API version, this vulnerability allows a malicious user to include JavaScript content into a website as well as redirect victim’s browser to the prepared URL.
I convey already saw this flaw inwards the final few days, many of my friend listing are posting only about foreign things on the wall as well as past times Just visiting the infected website is plenty to post service a message that the aggressor has chosen. Therefore it should move of no surprise that only about of those messages are spreading really fast through Facebook. Some are posting links to infected websites, creating XSS worms that spread from user to user.
There is no user interaction required, as well as thence the messages are spreading through Facebook at a fast pace. Facebook’s safety squad has been notified close the vulnerability as well as is working on a fix. Hopefully it volition move issued soon, since the assault seems slow to recreate.
Symantec advises users to log out of Facebook when they are non actively using it or to role script-blocking add-ons to foreclose the attack.
I convey already saw this flaw inwards the final few days, many of my friend listing are posting only about foreign things on the wall as well as past times Just visiting the infected website is plenty to post service a message that the aggressor has chosen. Therefore it should move of no surprise that only about of those messages are spreading really fast through Facebook. Some are posting links to infected websites, creating XSS worms that spread from user to user.
There is no user interaction required, as well as thence the messages are spreading through Facebook at a fast pace. Facebook’s safety squad has been notified close the vulnerability as well as is working on a fix. Hopefully it volition move issued soon, since the assault seems slow to recreate.
Symantec advises users to log out of Facebook when they are non actively using it or to role script-blocking add-ons to foreclose the attack.
Share This :
comment 0 Comments
more_vert