Skip to main content

Posts

Showing posts from August, 2018

Facebook Security Bug Ninja (doctor) !!!

Facebook Security Bug Ninja   (doctor) !!! Facebook has a Security bug reporting bounty @ https://www.facebook.com/whitehat   BUG : Copied embed tag of YouTube video allows (a variant of) Domain Spoofing SYMPTOM : Copied embed tag of YouTube video allows modification of src tag which allows unsafe redirection to malicious servers, where miscreants call hack FB User Data. Have a glimpse of the personalized Thank You Email from FB :-) No cash this time though  :-( 😍😍😍

Facebook Security Bug Ninja (doctor) !!!

Facebook Security Bug Ninja   (doctor) !!! Facebook has a Security bug reporting bounty @ https://www.facebook.com/whitehat   BUG : Copied embed tag of YouTube video allows (a variant of) Domain Spoofing SYMPTOM : Copied embed tag of YouTube video allows modification of src tag which allows unsafe redirection to malicious servers, where miscreants call hack FB User Data. Have a glimpse of the personalized Thank You Email from FB :-) No cash this time though  :-( 😍😍😍