Facebook and MySpace security: backdoor wide open, millions of accounts exploitable

As a application developer on Facebook, I usually run into certain walls that limit my application functionality. But I don’t give up easily, and only recently I found a solution to one of my function limitations. Suprisingly, when looked into more carefully my solution allowed full access and control to the Facebook user account that accessed my application. Did I mention this would also be untraceable since exploit actions would happen from the users IP and own domain cookie?

via yvoschaap.com

Apparently this is an issue with crossdomain permissions. Should be fixed soon. You might have already been compromised!