You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As far as I can tell this lets your friends insert arbitrary HTML into your chat window, which in turn lets them run arbitrary code. Which can then do pretty much any action on Facebook on your behalf, and of course, steal all your encryption keys.
I admit I didn't test this because I couldn't be bothered to create multiple FB accounts.
The text was updated successfully, but these errors were encountered:
Problematic line (and the other one that does the same thing, why are there two anyways?):
As far as I can tell this lets your friends insert arbitrary HTML into your chat window, which in turn lets them run arbitrary code. Which can then do pretty much any action on Facebook on your behalf, and of course, steal all your encryption keys.
I admit I didn't test this because I couldn't be bothered to create multiple FB accounts.
The text was updated successfully, but these errors were encountered: