XSS on Facebook’s acquisition Oculus CDN Server

I would suggest you first to read the previous post here. How I bypassed Facebook CDN content’s signature protection. Oculus acquired by Facebook and Oculus CDN Server is also in the scope of the Facebook Bug Bounty Program. The same bug was present on “oculuscdn.com”. On “oculuscdn.com” the bug was very simple and straightforward. Just […]