Founder of Anonghost team “Mauritania Attacker” found XSS Vulnerability in Facebook.com which adds their own message (HACKED BY MAURITANIA ATTACKER) in the Facebook Login Page and we also checked that it is still working.
Hacker “Mauritania Attacker” is also operating #OpPetrol which is their ongoing hacking operation and before this they launched #OpUSA.
Here is the POC:
https://www.facebook.com/r.php?locale=en_us&possible_fb_user=+display=&email=HACKED%20BY%20MAURITANIA%20ATTACKER
Here is the Screenshot of the XSS:
Here is Video by Hacker to show you the XSS:
Mauritania Attacker time to time always in fond of Vulnerabilities and hacking operations also.
Hacker also stated a fact to check the XSS:
*Open a browser where you are not connected on facebook.
>>Catch all these Latest Updated More Easily<<
Subscribe to our Newspaper
This is not an XSS, this is not Cross-site scripting
You can’t execute JavaScript code with this trick
Lol..this not xss