Facebook Logout CSRF

In this post I am going to explain one of my findings in Facebook, the logout CSRF. Although a logout CSRF is annoying, it is not considered a security vulnerability.

Facebook uses the following link format to unsubscribe from emails.

https://www.facebook.com/o.php?k=a6d163&u=yourid&mid=606dcb7G517b252cG247fb31G5

The “u” parameter is your own Facebook user ID. If you replace it with any other ID, the link will log you out of Facebook. So you can send this to any of your friends on Facebook, or in fact anyone on Facebook; once they click on it, they will get logged out without intending to. In this way you can annoy someone with this trick. You can use ID 4, which is Mark Zuckerberg’s ID and will be invalid for any other user 😉

So the final crafted URL will be:

https://www.facebook.com/o.php?k=a6d163&u=4&mid=606dcb7G517b252cG247fb31G5
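To make the mechanism concrete from the defender's side, here is an added Python model of an unsubscribe endpoint (example code, not Facebook's implementation; the handler names, the `Session` class and the token table are assumptions). The first handler reproduces the behaviour described above: when the `u` parameter does not match the logged-in user, the session is ended. The hardened handler validates the per-recipient token `k` in constant time, never changes the session on a plain link click, and on a mismatch returns a neutral page instead of logging the visitor out.

```python
# Added example modelling the logout-CSRF behaviour described in the post
# and a hardened alternative. Not Facebook's code; names are assumptions.
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qs
import secrets


@dataclass
class Session:
    """Minimal stand-in for a server-side login session."""
    user_id: str
    logged_in: bool = True


def parse_unsubscribe_link(url: str) -> dict:
    """Return the query parameters of an unsubscribe link as a flat dict."""
    query = parse_qs(urlsplit(url).query)
    return {key: values[0] for key, values in query.items()}


def vulnerable_unsubscribe(session: Session, url: str) -> str:
    """Mirrors the behaviour described in the post: a 'u' parameter that
    does not match the logged-in user ends the current session, so any
    crafted link forces a logout on a simple click (a GET request)."""
    params = parse_unsubscribe_link(url)
    if params.get("u") != session.user_id:
        session.logged_in = False
        return "logged_out"
    return "unsubscribed"


def hardened_unsubscribe(session: Session, url: str, valid_tokens: dict) -> str:
    """Hardened variant: the link is accepted only if 'k' is the correct
    per-recipient token for 'u', compared in constant time; a mismatch with
    the logged-in user yields a neutral page and never touches the session."""
    params = parse_unsubscribe_link(url)
    target = params.get("u")
    token = params.get("k")
    expected = valid_tokens.get(target or "", "")
    if not target or not token or not secrets.compare_digest(expected, token):
        return "invalid_link"  # session untouched
    if target != session.user_id:
        # The link belongs to another account: do not act, do not log out.
        return "confirm_other_account"
    return "unsubscribed"


if __name__ == "__main__":
    # Constructed sample data: a logged-in user and a table of valid tokens.
    tokens = {"1001": "tok-1001", "2002": "tok-2002"}
    s = Session("1001")
    print(vulnerable_unsubscribe(s, "https://example.test/o.php?k=x&u=2002"), s.logged_in)
    s = Session("1001")
    print(hardened_unsubscribe(s, "https://example.test/o.php?k=tok-2002&u=2002", tokens), s.logged_in)
```

The design point is that a link arriving by email is a GET that anyone can cause a victim's browser to send; such a request may render a page, but it must not change login state, and any account-affecting action should be confirmed with a POST carrying a CSRF token.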