Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover

Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on…