HomeNews FeedBug in Facebook Messenger app

Bug in Facebook Messenger app

Reading Time: < 1 minute read

Imperva is one of the research companies who previously reported one of Facebook vulnerability on the Facebook Messenger application. Last year November, they have discovered a bug where hackers can use any website to display who you messaged with. After reporting this bug, Facebook immediately, have fixed it.

Again Imperva has discovered which is similar to the previously found bug on November last year. According to them, hackers could exploit iframe elements to see which friends the user talks to. This could be done from the users web browser. If you feel afraid after reading this. Do not worry. Imperva has confirmed that hackers couldn’t gain other data from this attack.

Facebook immediately tried to fix the issue by randomizing the iframe element. Even though, they fixed the issue Imperva still pointed out that hackers could still design an algorithm which can expose the user’s contact. In order to fix this bug permanently, Facebook takes a drastic decision by completely removing the iframes from Messenger application.

“We appreciate the researcherโ€™s submission to our bug bounty program. The issue in his report stems from the way web browsers handle content embedded in webpages and is not specific to Facebook.”

Facebook

Raaj Lokanathan
Raaj Lokanathan
A software engineer as a profession. A tech blogger as a passion.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Must Read