[cap-talk] A Massive Confused Deputy on the Web
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Tue Jun 3 08:36:45 CDT 2008
On Jun 3, 2008, at 3:37 PM, Toby Murray wrote:
> ordinary people to gain access to arbitrary Facebook profiles via a
> Yahoo gadget.
In this instance it was MySpace, not Facebook, though Facebook had a
similar vulnerability with photographs (but not profile information)
in the past.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
More information about the cap-talk
mailing list