Facebook bug let others know who you're writing to

New security flaw in Facebook. The security problems in the social network do not seem to have an end. On this occasion, the new failure in it allowed third parties to know to whom you write private messages on the social network. Therefore, they had access to the Messenger conversations of the users of the social network. The failure was caused by a frame leak between sites (CSFL).

Facebook flaw let others know who you're writing to

The flaw was exploited by vulnerabilities in the properties of the iframes. These are present in the web version of Messenger, as it has been known.

Another Facebook security flaw

This new security problem in the social network is similar to one detected last November. In order to know who a user is writing to, it was enough to hide malicious code on a web page and that the user had their Facebook session open. In this way it was possible to know if this person had sent messages to another or not using the social network.

The flaw was discovered late last year. As a solution, the social network opted to remove the use of iframes in Messenger. Although it has been commented that this failure did not allow access to the content of the conversations. You could only see who a message was sent to.

Undoubtedly, the umpteenth security breach for the social network, which has been involved in scandals for some time. Although Facebook dropped this past week that there were going to be many changes. But they certainly have a lot of work to do in this field.

Imperva font