CVE-2014-6392
The CVE-2014-6392 entry concerns an XSS vulnerability in the Facebook iOS apps: Facebook 14.0 and Messenger 10.0, exploitable via a crafted filename extension that is mishandled during MIME sniffing of chat traffic. The vendor disputes the impact, noting an interstitial warning is shown and the H...