Vulnerability on Facebook opened access to private photos of users (including Zuckerberg)



    Of course, Zuckerberg's photos were not the only ones accessible to those who discovered a new vulnerability in the social network Facebook. But, as always, it was access to the private photos of the head of the social network that helped Facebook's tech support move faster and close the discovered vulnerability. As for the vulnerability itself, it is quite simple, and it may not even be that new; it just was not talked about on every corner. Be that as it may, the problem lies in a recently added function that allows sending several complaints at once about “inappropriate photos” or illegal content on someone’s page.

    This can be the notorious child porn, plain nudity, or something similar. A feature recently introduced on Facebook made it possible to report several photos at once, with the option “take action by selecting additional photos to include with your report”. Enabling this option showed recent photos from the user’s profile that could be flagged as “inappropriate”. The function is harmless in general, but the developers missed a bug that opened access to the private photos of any user through this new option.

    Of course, those who discovered the vulnerability immediately began testing it on Zuckerberg's profile. The “testers” succeeded, and the private photos of Facebook's creator that they obtained were uploaded to imgur.com. There is nothing special in the photographs, but the case clearly still generated serious hype. The photos will probably be deleted from imgur soon, but for now they are still there.

    And yes, the vulnerability that made it possible to view the private photos of any user has already been closed. Indeed, the best way now to draw developers' attention to a problem with a resource is to apply the vulnerability to one of the leaders or owners of that resource.

    Via Mashable
