The flaw, Kumar says, involves Facebook's Support Dashboard, a portal that allows users to track reports sent to Facebook. Users can also use the portal to check if their reports have been reviewed by Facebook employees.
Kumar explains that if a reported photo on the Support Dashboard was not removed by Facebook, the hacker can then optionally send a Photo Removal Request to the victim. During this phase, Facebook will automatically send a message to the victim with a photo removal link. Once the victim accidentally clicks the link, the photo will be removed, he adds.
However, Kumar says that the vulnerability is only found on the mobile version of the Support Dashboard. Kumar then submitted a report to Facebook and followed the guidelines on the whitehat bug bounty program.
Using a video to explain the bug, Facebook security engineers acknowledged the vulnerability and offered Kumar a payout of $12,500 via PayPal or Western Union.
Gene Ryan Briones is a technology journalist with wide experience in writing about the latest trends in the technology industry, ranging from mobile technology, gadgets and robots to computer hardware and software.