A new security vulnerability has been reported in Facebook, the flaw could have been exploited by attackers to obtain certain personal information about users and their network of contacts.
The recently discovered issue raises once again the concerns about the privacy of the users of social network giant.
The vulnerability was discovered by security experts from Imperva, it resides in the way Facebook search feature displays results for queries provided by the users.
The good news for Facebook users is that this flawhas already been patched and did not allow attackers to conduct massive scraping of the social network for users’ information.
The page used to display the results of the users’ queries includes iFrame elements associated with each result, experts discovered that the URLs associated to those iFrames is vulnerable against cross-site request...(continued)
