Back to directory

WRITEUP #2827

View Friends List of any users using “View as” | Facebook Bug bounty

Logic BugLogic flawBroken Access Control

byPh.Hitachi

Program

Meta / Facebook

Published

Apr 2, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://ph-hitachi.medium.com/view-friends-list-of-any-users-using-view-as-facebook-bug-bounty-edeb6af5640b

▸ RELATED WRITEUPS

Logic Flaw: I Can Block You from Accessing Your Own Account

Logic BugLogic flaw

“Like” Bypass on Customer Reviews — €500 bounty

Logic BugLogic flaw

Vestaboard: Exploring Broken Access Controls and Privilege Escalation

Privilege EscalationBroken Access Control

How I Earned $469 Bounty: Bypassing Plan Restriction

Privilege EscalationBroken Access Control

Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat