Defacing Facebook: A Security Case Study PDF

This paper describes Facebook’s security mechanisms and presents a cross-site scripting vulnerability in Facebook Markup Language that allows arbitrary JavaScript to be added to application users’ profiles. The code in the profile can then defeat their anti-request forging security measures and hijack the sessions of viewers.
