# Website: http://www.facebook.com
# It's free and anyone can hack !
# Bug: XSS
# Date: 22.01.09
##################################

Vulnerable URL: hxxp://apps.facebook.com/skillzbase/
Click here for the XSS Demo
Fix input validation in the app
Social networking websites are targeted a lot these days, reckless filtering *shrugs*
Cheers :)
Kish
Date: 24.01.09
Update: The bug has been fixed by Facebook. Full disclosure - we believe in it!