Beware of A New XSS on Facebook
New Cross-site scripting vulnerability has been detected on Facebook and widely exploited in the mobile API version, this vulnerability allows a malicious user to include JavaScript content into a website and redirect victim’s browser to the prepared URL.
I have already saw this flaw in the last few days, many of my friend list are posting some strange things on the wall and by Just visiting the infected website is enough to post a message that the attacker has chosen. Therefore it should be of no surprise that some of those messages are spreading very fast through Facebook. Some are posting links to infected websites, creating XSS worms that spread from user to user.
There is no user interaction required, so the messages are spreading through Facebook at a fast pace. Facebook’s security team has been notified about the vulnerability and is working on a fix. Hopefully it will be issued soon, since the attack seems easy to recreate.
Symantec advises users to log out of Facebook when they are not actively using it or to use script-blocking add-ons to prevent the attack.
make sure you subscribe to my RSS feed!
Beware of A New XSS on Facebook http://bit.ly/hJI6Pc
#Security #infosec Beware of A New XSS on Facebook: New Cross-site scripting vulnerability has been detected on … http://bit.ly/hJI6Pc
Beware of A New #XSS on #Facebook: New Cross-site scripting vulnerability has been detected… http://goo.gl/fb/6fabW
RT @sectechno: Beware of A New #XSS on #Facebook http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/ #security #infosec
RT @MBenLakhoua: RT @sectechno: Beware of A New #XSS on #Facebook http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/ # …
RT @sectechno: Beware of A New #XSS on #Facebook http://bit.ly/dH6RcG #security #infosec
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
Beware of A New XSS on Facebook http://bit.ly/efZIIA
@TheHackersNews can you add my link to your latest post? http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT: @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA <- that vulnerability just got fixed, not working anymore
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @darkoperator: Beware of A New XSS on Facebook http://bit.ly/hJI6Pc
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @sectechno: Beware of A New #XSS on #Facebook http://bit.ly/dH6RcG #security #infosec
RT @sectechno: Beware of A New #XSS on #Facebook http://bit.ly/dH6RcG #security #infosec
Beware Facebook peeps: http://t.co/TMZPfmj
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
Beware of A New XSS on Facebook http://bit.ly/fdk9so via @Security_FAQs
Beware of A New XSS on Facebook http://bit.ly/fdk9so
RT @sectechno: Beware of A New XSS on Facebook http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/
RT @Security_FAQs: Beware of A New XSS on Facebook http://bit.ly/fdk9so
#security Beware of A New XSS on Facebook http://dlvr.it/LwFYp #infosec
Beware of A New XSS on Facebook #Facebook #XSS Vulnerability http://bit.ly/eegD17
Beware of A New XSS on Facebook: New Cross-site scripting vulnerability has been detected on Facebook and widely… http://bit.ly/hJI6Pc
RT @sectechno: Beware of A New #XSS on #Facebook http://bit.ly/dH6RcG #security #infosec
RT @sectechno: Beware of A New XSS on Facebook http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/
RT @sectechno: Beware of A New XSS on Facebook http://www.sectechno.com/2011/03/29/beware-of-a-new-xss-on-facebook/
RT @Security_FAQs: Beware of A New XSS on Facebook http://bit.ly/fdk9so
Beware of A New XSS on Facebook | SecTechno: New Cross-site scripting vulnerability has been detected on Faceboo… http://bit.ly/hQrl24
RT @SocialMediaSec: Beware of A New XSS on Facebook http://bit.ly/efZIIA
[…] some of the best or most useful blog posts and articles I’ve read this week -Pentest BookmarksBeware of A New XSS on FacebookWhy Defense in Depth Will Never Be SufficientThe Secrets behind Spoofing and SpammingWhat’s […]