HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
This "bug" seems like a pretty damn big oversight on Facebook's part. I can' t believe it is as simple as creating a Facebook profile with the victim's email address, adding a malicious email as the secondary, and then confirm the account using the bad email address.
Bitdefender has identified a flaw in Facebook's account registration process which indirectly led to situations where attackers could take over user profiles on sites where Facebook Social Login feature was enabled. The vulnerability could be used if an attacker discovered that a victim had an email address which he used on a regular basis, but had not registered on Facebook to create an account.
Bitdefender has identified a flaw in Facebook's account registration process which indirectly led to situations where attackers could take over user profiles on sites where Facebook Social Login feature was enabled. The vulnerability could be used if an attacker discovered that a victim had an email address which he used on a regular basis, but had not registered on Facebook to create an account.