Stored XSS In Facebook Chat, Check In, Facebook Messenger - Break Security

[Nytro]

[h=1]Stored XSS In Facebook Chat, Check In, Facebook Messenger - Break Security[/h]

Today, I’m going to share a few of my favorite Stored XSS Findings in Facebook (Facebook Chat, Facebook Check In, Facebook Messenger. These findings are almost always interesting if you happen to find them in the right location.

For instance, what would occur if the Malicious Stored XSS Payload ran on the victim every time they checked in? You could also inject the Payload into the Facebook Chat Screen, which could be really interesting.

There are essentially two different ways to exploit Stored XSS issues.

1.

Let the victim visit our stored XSS Payload (Facebook Check-In, Facebook Messenger, Facebook Chat) on their own.

2.

Exploit it with the URL plus the Stored XSS data.

I wanted to locate an interesting spot within Facebook that would run the data on the victim each time they visited one of my places. I could also just run it through Facebook Chat.

This post will talk a lot about Stored XSS in regard to Facebook Chat, Check-In, Facebook Messenger (Windows Version).

The vulnerabilities mentioned here has been confirmed patched by the Facebook Security Team

Link: Stored XSS In Facebook Chat, Check In, Facebook Messenger | Break Security

[danger2u]

e posibil sa creez o aplicatie ptr facebook??

este pagina Papagali Vorbitori au peste 400000 de fani

imi spui si mie cum drk au ajuns intr un an la asa de multi?