"Post-mortem" is usually appended to titles for solved vulnerabilities, although this was 2 months ago. Maybe just timestamp it? e.g. "Facebook CSRF leading to full account takeover (Post-mortem, August 2013)"

That would imply that the Post-Mortem itself was written in August 2013, which would probably get far fewer clicks as people assume they've read about the vulnerability before.