Home / Vulnerability / New XSS attack in Facebook’s Subdomain

New XSS attack in Facebook’s Subdomain

Mauritania Attacker the leader of AnonGhosT Team have discovered a new
Cross Site Scripting (XSS) attack in one of the Facebook’s subdomains
(Facebook Investor Relations)

The exploit can also be showed in the following link : http://investor.fb.com/confirm.cfm?&email=AnonGhosT

Which also can be seen in zone-h mirror provided by Mauritania Attacker : http://zone-h.org/mirror/id/20148459

The exploit can  lead to markup injection and  HTML injection and can cause defacing of
the subdomain up to some extends.