According to the article, an Iranian web developer named Pouya Darabi discovered and reported a critical vulnerability in Facebook systems that could have allowed anyone to delete any photo from the social media platform. Darabi analyzed the vulnerability and found that when creating a new poll, anyone can easily replace the image ID in the request sent to the Facebook server with the images ID of any photo on the social media network. The researcher said he received $10,000 as his bug bounty reward from Facebook after he responsibly reported this vulnerability to the social media network on November 3. Facebook patched this issue on November 5.
https://thehackernews.com/2017/11/facebook-delete-photos.html
Quick response by Facebook to fix the bug and it’s interesting to see bug bounty hunters.
Interresting…..it s good that they fix it.
That’s quite an interesting news and I am surprises to see such flaws from world’s largest social networking community. This is pure case of internal system fix and stands a good example for many businesses related to this. It’s good that it was reported on time before any potential violation occurred and extracted personal images.