The security expert Philippe Harewood is one of the security researchers that received early access by Facebook to the new FB5 design and discovered an important design flaw.
Harewood explained that the issue affects the GraphQL that is a feature implemented in the new design to remove profile pictures from Facebook fan pages. The design vulnerability could be abused by attackers to delete photos from the profiles of the users.
“The profile_picture_remove mutator is the name of the GraphQL call for this specific mutation. Normally, the mutation accepts a page identifier in the profile_id field for a Facebook page. Changing the identifier for any user profile allowed a malicious user to dissociate the user’s profile picture.” reads a blog post published by Harewood.
The researcher also published a proof-of-concept (PoC) code that allowed him to remove the profile photo from any targeted user’s account.
Harewood pointed out that the original photo removed exploiting the flaw was still available, this means that a user is able to set the profile picture back to the original in an easy way.
Facebook acknowledged the vulnerability and awarded the researcher a $2,500 as part of its bug bounty program.
“We recently ran a similar program where we granted a select group of researchers early access to FB5, the new design for Facebook we announced at our F8 conference. One of these researchers, Philippe Harewood, identified a bug in the new interface that could have allowed someone to remove another person’s profile photo. If this bug was exploited, a person’s profile photo would appear blank.” reads a post published by Facebook. “However, the photo would still be saved in the person’s account and available to upload. We thank Philippe for sharing this bug so we could fix it before FB5 rolls out worldwide. You can read more about his finding here.”
Facebook also announced that it is expanding its Data Abuse Bounty program to include Instagram. The social network giant will launch an invitation-only bug bounty program for the Checkout feature implemented in Instagram.
“Checkout on Instagram allows people to purchase products directly on Instagram without leaving the app. To continue to ensure this feature’s security as we expand globally, we’ve invited a select group of security researchers to stress test it.” concludes Facebook.
“We are exploring other opportunities to tap into the expertise of researchers who consistently submit high-quality research to our bug bounty program and invite them to test new features prior to launch.”
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Facebook, bug bounty)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.