Robert McMillan reports:
Facebook is fixing a Web programming bug that could have allowed hackers to alter profile pages or make restricted information public.
The flaw was discovered last week and reported to Facebook by M.J. Keith, a senior security analyst with security firm Alert Logic.
[…]
Keith could make users’ private information public, change or read profile information, even add new contact e-mail addresses, he said. “It’s pretty bad; you can do a lot of damage with it,” he said.
Read more on Computerworld.