is a student at the University of Virginia's School of Engineering, double majoring in computer science (B.S.) and mathematics. She is "currently examining the Facebook Platform as a case study on the security of mashups", and recently discovered a serious XSS vulnerability affecting the popular social networking website.
Quoting from her e-mail about the Facebook XSS issue: "It allows someone to add executable code to a profile (thereby compromising anyone who views the profile). Since Facebook uses a single 'secret' form ID for all forms on the site, the exploit opens up the entire site. The fun part is that the code could propagate by calling a form to install itself to the user's profile.