New Facebook XSS Vulnerabilities

There was some buzz today about four new Facebook XSS vulnerabilities announced.  XSS (cross site scripting) is nothing new for Facebook but it's interesting since there is a pretty impressive worm called Koobface still making it's way around the Facebook user base (now spreading to Bebo).  Koobface spread easily through social engineering techniques and XSS has been used to assist with similar types of attacks in the past.  Interesting to see if there will be a combo Koobface/XSS type attack in the future.  

I won't go into a ton of detail about these new vulnerabilities but for a very good write up on these flaws and how they might relate to other attacks going on with social media check out Dancho Danchev's article over at zdnet.