Consequences
OMG! They're going to banish the miscreants to MySpace as punishment...
Facebook officials have tracked down the scammers responsible for deluging the social network with images depicting bestiality, self-mutilation and other depravity and is vowing to seek swift justice. As previously reported, Facebook has blamed the torrent of extreme smut on a "self-XSS vulnerability in the browser" that …
>"Facebook does not correctly sanitise the user input into the URL bar"
Facebook doesn't have any chance to sanitise the "user input into the URL bar". Your browser parses that directly, and if it's a javascript: url rather than an http(s): url, nothing gets sent to facebook; it's all executed immediately and locally in your browser.
"Earlier this year, Wallace was criminally charged with hacking more than 500 million Facebook accounts."
And then this from your earlier article, which was linked BTW,
"One of the first figures to plaster the internet with millions of spam messages before being driven underground has been criminally charged for hacking some 500,000 Facebook accounts, stealing their personal information, and sending 27 million unwanted advertisements."
Normally your rather on top of information but for you not to remember what it was that you wrote? Shame on you :P