Facebook fixed some XSS vulnerabilities

Finally: Facebook fixed several XSS vulnerabilities. Tt was possible to redirect users (who type a specific search string into the search box) to external websites, steal their cookies etc. I wrote about it here.

Sadly they ignored many vulnerabilities for a long time and didn’t even bother to reply on mails and security reports.