Breaking News

Reset Password" page suffers major XSS flaw


Hey you all! Our best wishes for 2009!!! smile wink

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook "Reset Password" page.

Malicious users can inject code to phish credentials and other sensitive personal information from millions of Facebook members.

We hope that this serious flaw gets fixed quickly as is usually the case with security flaws in Facebook.

XSS:
http://www.facebook.com/reset.php?local … pt%3Ealert(1)%3C/script%3E%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

Mirror:
http://www.xssed.com/mirror/55951/

Screenshot:
http://www.xssed.com/files/Image/News/facebookresetpwd.JPG

msh pusiink ane dgn ini..please pencerahannya wallbash wallbash wallbash

Enter your email address to get update from Blog Asal Palembang.

Enter your email address:

Delivered by FeedBurner

Tidak ada komentar:

Posting Komentar

Ketentuan berkomentar ;
* Dilarang berkomentar promosi
* Dilarang menautkan link aktif di kalimat komentar
* Dilarang berkomentar yang anda tidak suka jika hal itu terjadi di blog anda sendiri
Komentar yang melanggar akan terblokir secara otomatis
! Terkadang komentar akan dimoderasi karena banyaknya spam

Designed By