Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Facebook

+ - OAuth Flaw Allowed Access to Any Facebook Account->

Submitted by
Orome1
Orome1 writes "A flaw in Facebook's OAuth system that allows the communication between applications and users has allowed web application security specialist Nir Goldshlager to gain full control of any Facebook account. The exploit worked on all browsers, and would even work on accounts that have 2-step verification enabled. Luckily for all of us, this flaw has already been patched by Facebook, but Goldshlager says that he found a couple of more and Facebook is still working on fixing them."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

OAuth Flaw Allowed Access to Any Facebook Account

Comments Filter:

There are three kinds of people: men, women, and unix.

Working...