XSS in facebook

Hi readers

when you create a fan page on facebook, it is possible to inject malicious code in the name of the group.

the code is executed when you want to delete or stop following a fan page.

1. Creating a fan page with malicious script: http://img192.imageshack.us/si.php?img=creaciondelapagina.jpg

2. The page was created: http://img63.imageshack.us/si.php?img=paginacreada.jpg

3. fan page before to be deleted: http://img29.imageshack.us/si.php?img=eliminacion1.jpg

4. XSS on Facebook Smile : http://img63.imageshack.us/si.php?img=eliminacion2.jpg

this vulnerability will allow malicious users to steal session or execute malicious scripts XSS, also may be used for phishing.

Att: c7b3r