Back to directory
WRITEUP #6396

Stealing Facebook access_tokens using CSRF in device login flow

CSRFOAuthInformation disclosure
by@josipfranjkovic(Josip Franjkovic)
Program
Meta / Facebook
Published
Jul 19, 2016
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://www.josipfranjkovic.com/blog/hacking-facebook-csrf-device-login-flow
RELATED WRITEUPS
Vulnerabilities in Homepage Dashboard
RCESSRF
AI Under Siege: Discovering and Exploiting Vulnerabilities
AI / LLMAI
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!
ReconInformation disclosure
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
How I Got $250 For My Second Bug on HackerOne
OAuthSession expiration issue

Built with ❤️ by Shubham Rawat