Well, I got my second bounty within a relatively short span of time.
The issue was reproduced with ease and had an impact on the user’s privacy. I hope this write-up inspires people not to overlook small issues while scrolling aimlessly through Facebook and also while testing it.
So this started when I was on a small business trip to my hometown with my friend Avishek. He had a good phone and we took a few photos from his phone which he sent me via messenger.
I was using Facebook Lite and one of my friend asked me for the pictures of our trip. I went to Avishek’s messages and clicked on one of the picture of bungee and suspension bridges.
But I was staggered and embarrassed when all the photos from that message were forwarded to my friend.
We had a good share of a laugh, but deep inside I was having an evil laugh as I was excited that I had found a security issue on Facebook again!
I reported it to the Facebook Security Team immediately.
They managed to reproduce and fixed the issue.
And on 16th April, they replied me with this message,
With this write-up, I want to clarify that, I wrote this not to brag about how much I earned or show how cooler I am. I just wanted to share my happiness with other people and I really hope that this write-up helps people in finding issues on Facebook or any other platform that has a bug bounty program.
Thank you so much, everyone! We can befriend each other on Facebook if you click on this LINK. Make sure we introduce each other. And I would love to follow you guys back if you guys follow me on MEDIUM.
Thank you again for reading and Happy Hunting. 🙂