Facebook Vulnerability – Beware of A New XSS on Facebook! This vulnerability allows a malicious user to include JavaScript content into a website and redirect victim’s browser to the prepared URL. There is no user interaction required, so the messages are spreading through Facebook at a fast pace. Facebook’s security team has been notified about the vulnerability and is working on a fix. Hopefully it will be issued soon, since the attack seems easy to recreate.Symantec advises users to log out of Facebook when they are not actively using it or to use script-blocking add-ons to prevent the attack.
Source: https://thehackernews.com/2011/03/facebook-vulnerability-beware-of-new.html