XSS vulnerability in Facebook…

I discovered a persistent XSS vulnerability in Facebook today.┬áIn the interest of responsible disclosure I’ll wait until Facebook has a chance to address it before describing it. In the mean time let’s just say you may want to avoid viewing “friend’s” notes using the Facebook iPhone app for now.