Facebook Vulnerability - Beware of A New XSS on Facebook !
Url : https://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt=%3Cscript%3Ealert%281
%29%3C/script%3E
Url : https://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt=%3Cscript%3Ealert%281
%29%3C/script%3E
New Cross-site scripting vulnerability has been detected on Facebook and widely exploited in the mobile API version, this vulnerability allows a malicious user to include JavaScript content into a website and redirect victim's browser to the prepared URL.
I have already saw this flaw in the last few days, many of my friend list are posting some strange things on the wall and by Just visiting the infected website is enough to post a message that the attacker has chosen. Therefore it should be of no surprise that some of those messages are spreading very fast through Facebook. Some are posting links to infected websites, creating XSS worms that spread from user to user.
There is no user interaction required, so the messages are spreading through Facebook at a fast pace. Facebook's security team has been notified about the vulnerability and is working on a fix. Hopefully it will be issued soon, since the attack seems easy to recreate.
Symantec advises users to log out of Facebook when they are not actively using it or to use script-blocking add-ons to prevent the attack.
I have already saw this flaw in the last few days, many of my friend list are posting some strange things on the wall and by Just visiting the infected website is enough to post a message that the attacker has chosen. Therefore it should be of no surprise that some of those messages are spreading very fast through Facebook. Some are posting links to infected websites, creating XSS worms that spread from user to user.
There is no user interaction required, so the messages are spreading through Facebook at a fast pace. Facebook's security team has been notified about the vulnerability and is working on a fix. Hopefully it will be issued soon, since the attack seems easy to recreate.
Symantec advises users to log out of Facebook when they are not actively using it or to use script-blocking add-ons to prevent the attack.