Authentication bugs

Skype, Dropbox Patch Critical Facebook Authentication Bugs

UPDATE Popular applications Skype and Dropbox fixed holes in their websites this week that could have allowed an attacker to gain control of users’ Facebook accounts. In what’s technically being referred to as an “open direct vulnerability,” both applications failed to validate sites before sending users and their access tokens to them.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.