mailing list archives
Fake messages and chat bug in Facebook
From: Matteo Fabbri <matteo () phascode org>
Date: Fri, 29 Jun 2012 21:08:41 +0200
Knowing the user registration email is possible to send fake messages /
chat to facebook users.
The only thing required is a fake mail with as the sender the victim
registration email addressed to the facebook ids followed by "@facebook.com
from victim.email () hotmail com to friend1 () facebook com, friend2 () facebook com
Sent email will be shown in Facebook like a private message (or chat if
multiple recipients are specified) sent by the Facebook account of the
(Previously reported vulnerabilities to Facebook)
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Fake messages and chat bug in Facebook Matteo Fabbri (Jul 02)