Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on a massive scale without any user interaction. The flaws affect Meta-owned domains, including facebook.com and meta.com, as well as potentially 100 million third-party deployments of the open-source gateway infrastructure. Understanding the […]
The post Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: