BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction Apr 01 2014 09:59AM
Bipin Gautam (bipin gautam gmail com)
Hi List,

I felt like writing / pointing this minor issue, as it as its "Facebook" ...

This issue is due to the way facebook pictures are stored in CDN
without authentication mechanism, during accessing it. (which would be
way technically complicated to implement it)

Also, it is a Facebook feature...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus