THE CENZIC BLOG
Subscribe to the "Facebook Hacked Due to XSS Vulnerabilities" web feed.Subscription options
Read more articles in  Web Application Security Insights
.
January 05, 2009

Facebook Hacked Due to XSS Vulnerabilities

Facebook contains highly critical XSS vulnerabilities for hackers to exploit, posing privacy risks to users

Facebook Hacked with XSS VulnerabilitiesThe XSSed site reported a series of highly critical XSS vulnerabilities on Facebook (December 15, 2008 and again on January 4, 2009) that hackers can exploit.  Various Facebook functionalities affected include the new users registration page, iPhone login, reset password pages, and others. 

Malicious people can exploit these XSS bugs to infect millions of Facebook members with malware, adware and spyware.

So far, Facebook has not fixed these flaws, so be very careful when using your account by questioning suspicious requests and not accepting friend invites from people you don’t know. 

by
Erin Swanson
Eswanson@cenzic.com

.
PermalinkNew highly critical Facebook XSS vulnerabilities pose serious privacy risks
.XSSed Site finds numerous XSS vulnerabilities on Facebook
.http://www.xssed.com/news/80/New_highly_critical_Facebook_XSS_vulnerabilities_pose_serious_privacy_risks/
.
PermalinkFacebook 'reset password' page suffers major XSS flaw
.XSSed Site finds numerous XSS vulnerabilities on Facebook
.http://www.xssed.com/news/81/Facebooks_Reset_Password_page_suffers_major_XSS_flaw/
Topic Tags:  ,
by Erin Swanson | ↑top | link to this#
Comments
.

Who Cares

Who cares if your facebook account is hacked?
So what if someones facebook account is hacked. By now they should know better than to put personal information on their facebook account. Rule of thumb, if you don't want your mom to know then don't put it on facebook.
by Michael Morano | January 07, 2009 | ↑top | link to this#
.
Syndication OptionsRSS (Rich Site Summary) Feed Atom Feed OPML (Outline Processor Language) Feed MYST-ML (MyST Markup Language) Content Feed MS-Office Smart Tag Subscription