Facebook rates as the second most popular website on the internet with 400 million active users. When such a website has common web application security flaws, they are going to be abused for one’s gain. When we came across an obvious cross-site scripting vulnerability, we decided to show that an attacker could do that.
Click here for high quality version of this video (opens a new window)
We worked with Facebook to make sure that this vulnerability is fixed. We would like to thank their security team for quickly fixing it.