Facebook “Reset Password” XSS Flaw

January 3, 2009 – 5:42 PM

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook “Reset Password” page.  Malicious users can inject code to phish credentials and other sensitive personal information from millions of Facebook members.

We hope that this serious flaw gets fixed quickly as is usually the case with security flaws in Facebook.

Source:
http://www.xssed.com/news/81/Facebooks_Reset_Password_page_suffers_major_XSS_flaw/

2 Responses to “Facebook “Reset Password” XSS Flaw”

  1. I don't know the code.

    By lance on Sep 8, 2009

  2. I’m pretty sure this was fixed a while ago.

    By manunkind on Sep 9, 2009
