Security News > 2018 > September > Facebook offers bounties for user token bugs in third-party apps, websites
2018-09-18 12:34
Facebook is expanding its bug bounty program to include vulnerabilities in third-party apps and websites that involve improper exposure of Facebook user access tokens. What’s in scope? “Access tokens allow people to log into another app using Facebook and are uniquely generated for the specific person and app,” security engineer Dan Gurfinkel noted. “If exposed, a token can potentially be misused, based on the permissions set by the user. We want researchers to have a … More → The post Facebook offers bounties for user token bugs in third-party apps, websites appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/SoZxEVg7aVM/