CSFL
Latest
Facebook Messenger bug let other people see who you'd been talking to
In November, researchers discovered a Facebook bug that allowed websites to extract data from users' profiles thanks to a security flaw relating to cross-site frame leakage (CSFL). Today, the same team has revealed a now-patched vulnerability that would let websites expose who you've been chatting to in Facebook Messenger.
