Logical bug on Facebook group

Hi,
I would like to share one of  Logical Bug in facebookgroups. The bug I found was too simple to exploit but it had a great Impact.

[#] Title:  Logical bug on facebook group.
[#] Worth: $2000 USD
[#] Status: Fixed
[#] Severity : I don’t know :p
[#] Author: Manjesh S
[#] Twitter: @Manjesh24

Description:
If you are the admin of the group you can remove the users, add users, edit/delete posts etc..
But if you make a attacker admin then he also gets the same admin rights, The problem is you cannot remove the attacker from the group using this bug..
Read More

Đăng nhận xét

Mới hơn Cũ hơn