A security professional exposed to a spam campaign on Facebook discovered the method used by the perpetrator and submitted a report through the company’s bug bounty program. The issue still exists because Faceboook dismissed it on on the grounds that it does not change the state of the account. […]
Article Link: https://www.bleepingcomputer.com/news/security/the-clickjacking-bug-that-facebook-wont-fix/