Account Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation
This bug could allow a malicious actor to takeover Facebook/Meta accounts if the user decided to play a Canvas game.
From Our Blog
DOM-XSS in Instant Games due to improper verification of supplied URLs
This bug could allow a malicious actor to takeover Facebook ( and Meta ) accounts after tricking the user to
Continue readingDOM-XSS in Instant Games due to improper verification of supplied URLs
Account takeover of Facebook/Oculus accounts due to First-Party access_token stealing
A malicious actor could steal a first-party access token of the Oculus application which he could use to access the
Multiple bugs chained to takeover Facebook Accounts which uses Gmail.
Description This bug could allow a malicious actor to takeover a Facebook account after stealing a Gmail OAuth id_token/code used
Continue readingMultiple bugs chained to takeover Facebook Accounts which uses Gmail.
More secure Facebook Canvas Part 2: More Account Takeovers
Summary After publishing the write-ups about the bugs i previously found in Facebook Games Platform ( Canvas ), i thought
Continue readingMore secure Facebook Canvas Part 2: More Account Takeovers
Multiple bugs allowed malicious Android Applications to takeover Facebook/Workplace accounts
Description These bugs could allow malicious actors who owns Android Applications installed in the victim device alongside Facebook owned Android
More secure Facebook Canvas : Tale of $126k worth of bugs that lead to Facebook Account Takeovers
Summery Facebook allowed online games owners to host their games/applications in apps.facebook.com for many years now. The idea and technology
Oversightboard.com site-wide CSRF due to missing checking
Description This bug could allow an attacker to force a user in Oversightboard.com who visited his website, to make certain requests which
Continue readingOversightboard.com site-wide CSRF due to missing checking
Disclose unconfirmed email/phone of a Facebook user
Description This bug could have allowed an attacker to target Facebook users in order to potentially leak unconfirmed emails or
Continue readingDisclose unconfirmed email/phone of a Facebook user
Oculus SSO “Account Linking” bug leads to account takeover on third party websites and inside VR Games/Apps
Description This bug allows an attacker to manipulate the callback endpoint that would receive the Oculus access token used by