A security researcher has discovered a vulnerability in Facebook that could allow a hacker to hijack a user's account.
Shlomi Narkolayev has created a video of the exploit, called Clickjacking, which. runs embedded code in a web browser that takes over control of the browsing session.
He said, "Websites such as Facebook and many other 'protected' websites are vulnerable to Clickjacking attack."
Markolayev warned that through Clickjacking, a hacker could trick users into adding them as a friend, delete their account, open their camera and microphone using flash, or install Facebook applications.