https://www.osisecurity.com.au/inchoo-facebook-connect-extension-for-magento-parameter-xss.html
Date:
04-Apr-2017
Product:
Inchoo Facebook Connect (Magento Plugin)
Vulnerability:
Reflected cross-site scripting.
Details:
Within ./app/code/community/Inchoo/Facebook/Block/Channel.php
return '';
locale isn't escaped, so it is possible to submit