Search This Blog

Powered by Blogger.

Blog Archive

Labels

Facebook vulnerability allowed hackers to record video of user and post in his wall

Aditya Gupta and Subho Halder will be getting a bounty of $2500 for CSRF vulnerability in Facebook allowed hackers to record video of target users and post in the victim's wall.

A Cross Site Request Forgery(CSRF) vulnerability in Facebook allowed hackers to record video of target users and post in the victim's wall. The vulnerability was discovered by security researchers Aditya Gupta and Subho Halder, from XYSEC Team .

A malicious hacker could record trick a user to silently record his webcam video and publish it to his facebook wall, without the user even knowing about it.

In a youtube video, researcher demonstrate how an attacker could exploit this vulnerability in a Youtube video.

Four months after researcher notified facebook about the security flaw, facebook finally emailed them that their finding is eligible to receive a bug bounty of $2500, that will come as a Facebook WhiteHat Debit Card.

PoC:

Share it:

Breaking News

Bug Bounty Programs

Facebook Bug bounty

Facebook Vulnerability

IT Security News

Security News