 Saturday, June 2, 2018 in Internet  No Comments |  |  Some of the recent additions to the Cascading Style Sheets (CSS) web standard are so powerful that a security researcher has abused them to deanonymize visitors to a demo site and reveal their Facebook usernames, avatars, and if they liked a particular web page of Facebook.
Information leaked via this attack could aid some advertisers link IP addresses or advertising profiles to real-life persons, posing a serious threat to a user's online privacy.
The leak isn't specific to Facebook but affects all sites which allow their content to be embedded on other web pages via iframes.
Vulnerability resides in browsers, not websites
www.bleepingcomputer.com | |
|
