A researcher discovered a critical Account takeover vulnerability in Facebook’s Authorization feature “Login with Facebook” and, it allowed attackers to steal the Access_Token and completely take over the victim’s Facebook account. Facebook using OAuth 2.0 as an Authorization protocol that helps to exchange the token from Facebook and other third party websites.
Read full article on GBHackers