wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database


WHID 2011-64: Facebook Bully Video Actually a XSS Exploit

WASC Web Hacking Incidents Database
Mon, Apr 25, 2011 1:14 PM

*Entry Title:* WHID 2011-64: Facebook Bully Video Actually a XSS Exploit
*WHID ID:* 2011-64
*Date Occurred:* April 7, 2011
*Attack Method:* Cross Site Request Forgery (CSRF)
*Application Weakness:* Insufficient Process Validation
*Outcome:* Worm
*Attacked Entity Field:* Web 2.0
*Attacked Entity Geography:* USA
*Incident Description:* A security researcher has identified a bully video
as a malicious app exploiting yet another cross-site-scripting vulnerability
on Facebook with a very sophisticated payload.
*Mass Attack:* No
*Reference:* http://www.eweek.com/c/a/Security/Facebook-Bully-Video-Actually-a-XSS-Exploit-121829/
*Attack Source Geography:*
*Attacked System Technology:* Facebook
